// tools

Hash generator

Type or paste text; the hashes update live. Computed in your browser via crypto.subtle.digest. Nothing leaves the page.

Input

sha-1

—

sha-256

—

sha-384

—

sha-512

—

Where's MD5?

The browser's SubtleCrypto API doesn't implement MD5 because MD5 is broken — practical collision attacks have existed since 2004 (Wang & Yu) and now run in seconds on commodity hardware. If you genuinely need MD5 for a legacy checksum that pre-dates the fix, use a Node script with crypto.createHash('md5') rather than ship a JS implementation we'd have to maintain. For everything else, use SHA-256.

Picking the right algorithm

SHA-256 — default. Webhook signatures, content addressing, certificate fingerprints all use this.
SHA-512 — slightly faster on 64-bit machines for large inputs; same security posture as 256.
SHA-1— considered weak (collision found in 2017) but still appears in git object IDs, legacy webhook providers, and some package managers. Don't use for new code.