How it works
- The SHA-1 and SHA-2 algorithms (SHA-256/384/512) are computed with the Web Crypto API — the same implementation browsers use for HTTPS. MD5, CRC32 and the SHA-3 family (SHA3-256/512) are implemented in JavaScript since browsers don't expose them, and all are verified against official test vectors.
- File mode hashes the exact bytes of an uploaded file — handy for verifying a download wasn't corrupted or tampered with, by comparing against a hash published by the source.
- The verification field checks your pasted hash against all four computed hashes (case-insensitive) and tells you which one, if any, matches.
- MD5 is intentionally not offered: it's cryptographically broken and shouldn't be used for anything security-sensitive. Use SHA-256 or higher.
- Nothing is uploaded anywhere — files and text are hashed entirely in your browser.
Generate MD5, CRC32, SHA-1, SHA-256, SHA-384, SHA-512 and SHA-3 (256/512) hashes from text or files, right in your browser. Useful for checksums, integrity checks and fingerprinting — with nothing uploaded.
Frequently asked questions
Which hash algorithms are supported?
MD5, CRC32, SHA-1, the SHA-2 family (SHA-256/384/512) and the modern SHA-3 family (SHA3-256/512). SHA-256 is the usual choice for file integrity; SHA-3 is the newest NIST standard; CRC32 is a fast non-cryptographic checksum.
Is it safe to hash sensitive data here?
Yes — hashing happens locally in your browser and nothing is sent to a server, so passwords or private files never leave your device.
Should I use MD5 for security?
No. MD5 and SHA-1 are fine for non-security checksums and deduplication but are considered broken for security purposes — use SHA-256 or stronger for anything security-related.
Can I verify a file's checksum?
Yes — hash the file and compare the result to the published checksum. If they match character-for-character, the file is intact and untampered.