Hash Generator
Generate MD5, SHA-1, SHA-256, SHA-512, SHA-3, BLAKE2, and more — instantly and privately in your browser.
Text mode — hashes your input as UTF-8 characters
Best for strings, passwords, JSON, and code. Need to verify a download against a published checksum? Switch to and drop the file in — text mode cannot reproduce a file checksum.
Text encoded as UTF-8 · All processing is local
About Hash Generator
What is a Hash Function?
A cryptographic hash function takes an input (text, file, or any data) and produces a fixed-size string of characters called a digest or hash. The same input always produces the same output, but even a tiny change in the input produces a completely different hash. Hash functions are one-way — you cannot reverse a hash back to the original data.
Common Use Cases
Developers use hash generators to verify file integrity (checksums), compare passwords securely, debug API signatures, validate downloads, and work with blockchain addresses (Keccak-256). SHA-256 is the most widely used algorithm today for security-sensitive applications.
Text vs File — what's the difference?
These two modes hash different kinds of data, and the results are not interchangeable.
- Text mode encodes your input as UTF-8 text and hashes those characters. Use this for strings, passwords, API payloads, JSON, or any plain text you type or paste.
- File mode reads the file's raw binary bytes exactly as stored on disk — images, PDFs, ZIP archives, installers, videos, etc. The filename is not included in the hash.
Why use File mode?
File hashing is how you verify that a download is complete and unmodified. Software sites, package managers, and security teams publish checksums (usually SHA-256 or SHA-512) so you can confirm your copy matches the original. For example, after downloading node-v20.tar.gz, switch to File mode, drop the archive in, and compare the SHA-256 result with the value on the official website. If they match, the file arrived intact.
Important: hashing the contents of a file opened in a text editor is not the same as hashing the file itself. A PDF opened and copied as text will produce a completely different hash than File mode on the original .pdf.
How to use this tool
1. Type or paste your text, or drag & drop a file into the input area.
2. Hashes are computed instantly as you type — no button needed.
3. Click any hash row to copy it, or use "Copy All" for every result.
4. Switch output format between lowercase hex, uppercase hex, or Base64.
Privacy & Accuracy
All hashing happens locally in your browser using the audited @noble/hashes library. Your data is never sent to any server. Implementations are verified against official NIST/RFC test vectors on load.
Frequently Asked Questions
When should I use File mode instead of Text mode?
Use File mode when you need to verify a downloaded file, installer, image, archive, or any binary file against a published checksum (SHA-256, SHA-512, MD5, etc.). Use Text mode when you want to hash a string — passwords, JSON, URLs, code snippets, or any text you type or paste. They hash different data and will never produce the same result for the same 'content' unless the file literally contains only that UTF-8 text with no extra bytes.
Does File mode upload my file to a server?
No. The file is read entirely inside your browser using the FileReader API and hashed locally. Nothing is sent to our servers or any third party. Large files are processed in memory on your device.
Why doesn't my file hash match the checksum on the download page?
Common causes: (1) you hashed text instead of the raw file — make sure you used File mode; (2) the published checksum uses a different algorithm (e.g. SHA-256 vs SHA-512); (3) the download was corrupted or incomplete — try re-downloading; (4) hex case doesn't matter (ABC vs abc is the same), but the algorithm must match exactly.
What is the difference between SHA-3 and Keccak-256?
Both are based on the Keccak algorithm, but they use different padding. SHA-3 is the NIST standard (suffix 0x06). Keccak-256 uses the original padding (0x01) and is what Ethereum uses for address generation. They produce different hashes for the same input.
Is MD5 still safe to use?
MD5 is cryptographically broken for security purposes — collisions can be generated intentionally. It is still useful for non-security checksums (e.g. verifying a file wasn't corrupted during transfer), but never use MD5 for passwords or digital signatures.
Why does my hash differ from another online tool?
Common reasons: different character encoding (we use UTF-8 for text), uppercase vs lowercase hex output, or confusing SHA-3 with Keccak-256. For files, ensure you're hashing the raw binary content, not a text representation.
Is my data uploaded to your servers?
No. All computation runs entirely in your browser using JavaScript. Your text and files never leave your device.