Home/Security Tools/Hash generator

Hash generator

Hash Generator

Hashes are one-way fingerprints — they are not encryption.

One-way Security helpers

Algorithm

Includes SHA-256 and legacy MD5 (for checksums only).

InputUTF-8
Output
Encoding

Hash

Live digest MD5 is not for passwords bcrypt is salted

When to use what

  • SHA-256/SHA-512 for checksums and content fingerprints.
  • HMAC-SHA256 for message authentication (requires a secret).
  • bcrypt for passwords (slow + salted).

MD5 warning

MD5 is fast and collision-prone. Use it only for non-security checksums (like file integrity in trusted workflows), not for passwords, signatures, or security decisions.

bcrypt notes

  • Higher cost means slower hashing (better against brute force, but heavier for servers).
  • Hashes include their salt, so the same password produces different hashes.
  • Store only the bcrypt hash; verify with a password check routine.

How it works

Hashes your input with WebCrypto (SHA-1/256/384/512) or bcrypt (in-browser worker) and outputs in hex or Base64. Nothing leaves your device.

  • Hashing is one-way; keep original data if you need to compare later.
  • Use bcrypt for passwords, not SHA/MD5.

Quick examples

File checksum
Alg: SHA-256
Output: hex digest for download verification
Password hash
Alg: bcrypt cost 12
Output: $2b$… salted hash

Toggle encoding to fit your workflow.

Mini FAQ

Why avoid MD5?

It has collisions; keep it for non-security checksums only.

Which SHA variant?

SHA-256 is standard; SHA-512 for longer digests.

How do I verify bcrypt?

Use bcrypt verify with the stored hash; rehash on login if cost increases.