Hash Generator

Generate MD5, SHA-1, SHA-256, SHA-512, and SHA-3-256 hashes from text or files. Runs locally — nothing is sent to any server.

Jump to section

Complete your workflow →

🔐

Password GeneratorGenerate cryptographically secure passwords with custom rules.

→🔗

URL Encoder / DecoderEncode or decode special characters for URLs instantly.

→01

Number Base ConverterConvert numbers between binary, octal, decimal, and hexadecimal.

→

Ad · responsive

How to Use the Hash Generator

Type or paste any text into the input field and all five hash values appear instantly. Switch to File mode to hash any file — useful for verifying a download against a published checksum. Click Compare on any hash row to paste an expected hash and see instantly whether they match. Use Copy All to grab all hashes at once for documentation or verification records.

About This Tool

Generate MD5, SHA-1, SHA-256, SHA-512, and SHA-3-256 hashes from text or files entirely in your browser. SHA-256 and SHA-512 use the native Web Crypto API for maximum speed. MD5 and SHA-3-256 use lightweight JavaScript libraries loaded lazily on first use. The Compare feature lets you verify file downloads against published checksums — essential for confirming software integrity. HMAC (keyed hashing) is also supported for API authentication and webhook verification. Zero server communication — your data never leaves your device. Related: encode special characters for URLs when computing hash inputs from query strings, and generate secure passphrases when you need the plaintext that will later be hashed for storage.

Quick Reference Table

Algorithm	Output Length	Status
MD5	128-bit / 32 hex chars	Legacy — avoid for security
SHA-1	160-bit / 40 hex chars	Legacy — avoid for security
SHA-256	256-bit / 64 hex chars	Current standard
SHA-512	512-bit / 128 hex chars	High security
SHA-3-256	256-bit / 64 hex chars	Modern standard (Keccak)

Frequently Asked Questions

Is my text or file sent to a server?

No. All hashing runs in your browser using the native Web Crypto API and small JavaScript libraries. Your input never leaves your device.

Can I reverse a hash to find the original input?

No. Cryptographic hash functions are designed to be one-way — there is no algorithm to reverse them. Common short inputs can be looked up in rainbow tables, which is why passwords should use dedicated hashing functions like bcrypt.

Why does changing one character completely change the hash?

This is called the avalanche effect — a deliberate property of cryptographic hash functions. It ensures similar inputs produce completely different outputs.

Why is MD5 shown as LEGACY?

MD5 has known collision vulnerabilities. It remains useful for non-security purposes like checking file corruption, but should not be used for security-sensitive applications.

What encoding should I use for text hashing?

UTF-8 is correct for almost every use case and is the default. Use UTF-16 only when comparing against a hash generated by a system that explicitly used UTF-16 encoding.

Created by The Toobits Team · Engineering & Editorial

Toobits is built, tested, and maintained by a small independent engineering team. Every tool is written in TypeScript, runs entirely in the browser, and is reviewed against its source formulas before publication.

Editorial policy · Updated April 2026

Ad · responsive