What is a Hash Function?
A hash function takes an input (any text or data) and produces a fixed-length string of characters called a digest or hash. The same input always produces the same output, but even a tiny change in the input produces a completely different hash. Hash functions are one-way — you cannot reverse a hash back to the original input.
Hashes are used for data integrity verification, password storage, digital signatures, checksums for file downloads, and many other security and data-management tasks.
Hash Algorithms Compared
| Algorithm | Output Length | Security Status | Common Use Cases |
|---|---|---|---|
| MD5 | 128-bit (32 hex chars) | Broken — collision attacks demonstrated | File checksums (non-security), legacy systems |
| SHA-1 | 160-bit (40 hex chars) | Deprecated — collisions found (SHAttered, 2017) | Git commit hashes (legacy), older certificates |
| SHA-256 | 256-bit (64 hex chars) | Secure — no known practical attacks | TLS/SSL, Bitcoin, code signing, password hashing (only inside a key-derivation function such as PBKDF2, never as a bare hash) |
| SHA-512 | 512-bit (128 hex chars) | Secure — no known practical attacks | High-security applications, large data integrity |
When NOT to Use MD5
MD5 is fundamentally broken for any security purpose. Researchers have demonstrated practical collision attacks, meaning two different inputs can produce the same MD5 hash. Never use MD5 for:
- Password hashing — use bcrypt, scrypt, or Argon2 instead.
- Digital signatures — attackers can forge documents with matching MD5 hashes.
- Certificate validation — all modern CAs have migrated to SHA-256.
- Data integrity in adversarial contexts — an attacker can craft a malicious file with the same MD5 as a legitimate one.
MD5 is still acceptable for non-security uses like generating cache keys, deduplicating files in trusted environments, or quick checksums where intentional tampering is not a concern.
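The password-hashing advice above, shown as an added example that is not part of the original page: a bare MD5 digest is identical for every user with the same password, while scrypt with a per-user random salt produces a different record each time and is verified with a constant-time comparison. The function names, the `salt$key` record format, the cost parameters and the sample password are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

# scrypt cost parameters (assumed for this example; tune for your hardware).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
KEY_LEN = 32


def weak_record(password: str) -> str:
    """Legacy pattern the page warns against: a bare, unsalted MD5 digest."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def _derive(password: str, salt: bytes) -> bytes:
    """Slow, memory-hard derivation; the cost applies to every single guess."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


def hash_password(password: str) -> str:
    """Return 'salt_hex$key_hex' using a fresh 16-byte random salt."""
    salt = os.urandom(16)
    return f"{salt.hex()}${_derive(password, salt).hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    try:
        salt_hex, key_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
    except ValueError:
        return False  # malformed record: fail closed
    return hmac.compare_digest(_derive(password, salt), expected)


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    # Same password, same MD5: one precomputed table covers every user.
    print("MD5 records equal:   ", weak_record(pw) == weak_record(pw))
    a, b = hash_password(pw), hash_password(pw)
    # Same password, different salts: the stored records differ.
    print("scrypt records equal:", a == b)
    print("verify correct:      ", verify_password(pw, a))
    print("verify wrong:        ", verify_password(pw + "!", a))
```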
FAQ
Is my data safe?
Yes. All hashing is performed entirely in your browser using the Web Crypto API (for SHA) and a pure JavaScript implementation (for MD5). No text is transmitted to any server. You can verify this by checking your browser's Network tab.
Can I reverse a hash back to the original text?
No. Cryptographic hash functions are intentionally one-way. The only way to "crack" a hash is by brute-force or dictionary attacks — trying inputs until you find one that matches. This is why longer, random inputs are effectively impossible to reverse.
Why do you show MD5 and SHA-1 if they are insecure?
Many legacy systems, APIs, and file verification tools still use MD5 and SHA-1. We show them for convenience but clearly mark their security status. For any new project, always use SHA-256 or SHA-512.
Does the same input always produce the same hash?
Yes. Hash functions are deterministic — identical input will always produce an identical output, regardless of when or where you run it. This is what makes them useful for integrity verification.
What happens if I hash an empty string?
Even an empty string has a defined hash for each algorithm. For example, the MD5 of an empty string is d41d8cd98f00b204e9800998ecf8427e and the SHA-256 is e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.