MinifyKit

Hash Generator

Type or paste text below to compute its SHA-1, SHA-256, and SHA-512 hashes simultaneously. All hashing happens locally using the browser's built-in Web Crypto API.

SHA-1 160 bits

Legacy — vulnerable to collisions, avoid for security

SHA-256 256 bits

Modern default — used in TLS, git, Bitcoin

SHA-512 512 bits

Larger digest — slower on 32-bit, faster on 64-bit

What is a cryptographic hash function?

A hash function turns input of any length into a fixed-size digest. A small change in input produces a wildly different digest (the avalanche effect), and it's computationally infeasible to find the input from the digest. That makes hashes useful for fingerprinting data, detecting tampering, or addressing content by its contents rather than its name.

SHA-1 vs SHA-256 vs SHA-512

  • SHA-1 (160-bit) — chosen-prefix collisions have been demonstrated. Don't use it for digital signatures or anything security-sensitive. Still fine for non-security fingerprints (e.g. cache keys).
  • SHA-256 (256-bit) — the modern default. Used by TLS, git (since 2.42), and Bitcoin. No practical attacks known.
  • SHA-512 (512-bit) — larger digest, often faster than SHA-256 on 64-bit hardware because it processes the message in 128-byte blocks instead of 64.

Common use cases

  • Verifying file or release artifact integrity (checksum).
  • Content-addressable storage (git objects, IPFS, Docker layers).
  • HMAC and digital signature primitives.
  • Cache keys for memoization where collisions don't matter.

Do not use a plain hash for passwords

SHA-256 is fast. Attackers love fast. For password storage you want a slow, memory-hard function with a per-user salt — use bcrypt, scrypt, or Argon2. A bare SHA hash with no salt or iteration count can be brute-forced at hundreds of millions of guesses per second on a single GPU.

Privacy

All three hashes are computed locally using the browser's crypto.subtle.digest Web Crypto API. The text you type is never sent to a server.