Hash Generator.
Compute MD5, SHA-1, SHA-256, and SHA-512 hashes instantly from text, files, or HMAC keys. Fully client-side — your data never leaves your browser.
Verify Hash
Why Use Our Hash Generator?
Whether you're verifying a downloaded file, signing API requests, or exploring cryptography, our hash generator covers every common use case — instantly, privately, and for free.
100% Private & Local: Hashes are computed entirely in your browser. Your text and files are never uploaded to any server — not even ours.
All Major Algorithms: MD5, SHA-1, SHA-256, and SHA-512 — with hex and Base64 output — covering every common checksum and security use case.
File Integrity Verification: Drop any file (up to 50 MB) to compute its checksum, then paste an expected hash into the Verify field to instantly confirm authenticity.
How to Hash Text or a File
Choose your input: type or paste text in the Text tab, drop a file in the File tab, or enter a secret key and message in the HMAC tab.
See all hashes instantly: MD5, SHA-1, SHA-256, and SHA-512 are computed simultaneously and update in real time as you type.
Pick your format: toggle uppercase or lowercase hex, or switch to Base64 output for API and JWT use cases.
Verify a checksum: copy any hash with one click, or paste an expected hash into the Verify Hash field to confirm a match.
Frequently Asked Questions
What is a cryptographic hash function?
A cryptographic hash function takes any input and produces a fixed-length output (the hash). The same input always produces the same hash, but even a single character change produces a completely different result — a property called the avalanche effect. Hashes are one-way: you cannot reconstruct the original input from the hash.
What is the difference between MD5, SHA-1, SHA-256, and SHA-512?
MD5 produces a 128-bit hash and SHA-1 a 160-bit hash — both are fast but cryptographically broken and should not be used for security. SHA-256 (256-bit) and SHA-512 (512-bit) are part of the SHA-2 family and are considered secure for digital signatures, TLS certificates, and password hashing.
Is MD5 safe to use?
MD5 is cryptographically broken — collision attacks are feasible, meaning two different inputs can produce the same hash. It should never be used for security purposes such as password storage or digital signatures. However, it is still widely used for non-security checksums like verifying file downloads, where speed matters more than collision resistance.
Are my files uploaded when I use the File tab?
No. The File tab uses the browser's FileReader API to read your file locally in memory. Nothing is ever sent to a server. Your file content stays entirely on your device.
What is HMAC?
HMAC (Hash-based Message Authentication Code) combines a hash function with a secret key. It produces an output that verifies both data integrity (the message was not tampered with) and authenticity (it came from someone who knows the key). HMAC-SHA256 is widely used for API request signing, JWT tokens, and webhook verification.
How do I verify a file download with a checksum?
Drop your downloaded file into the File tab, then check the published hash algorithm (usually SHA-256 or MD5) used by the software provider. Copy the hash shown next to that algorithm and paste it into the Verify Hash field. A green Match badge confirms your file is authentic and unmodified.
What is Base64 encoding for hashes?
A hash is fundamentally a sequence of raw bytes. Hex encoding represents each byte as two characters (0-9, a-f). Base64 encoding represents those same bytes using 64 printable characters, producing a shorter string. Base64 hashes are commonly used in HTTP headers, HMAC signatures, JWT tokens, and some API authentication schemes.