Hash Generator
Compute SHA-1, SHA-256, SHA-384, and SHA-512 hashes from text or a file.
————🔒 Hashing uses the SubtleCrypto API. Your data never leaves the browser.
About this tool
Uses the browser's SubtleCrypto.digestAPI. MD5 is not offered because it's broken for security uses and is not part of Web Crypto.
Verifying a download? Paste in the published checksum and use the inline comparison — it does a constant-character match so you don't need to eyeball 64 hex chars.
Frequently asked
▸Which algorithm should I use?
SHA-256 is the default for almost everything: checksums, fingerprints, content-addressed identifiers. Use SHA-512 only if you're following a specific spec that requires it. Avoid SHA-1 — see below.
▸Is SHA-1 still safe?
Not for security. SHA-1 has been broken in practice — researchers have produced collisions. It's still fine for non-security fingerprints (Git uses it for object IDs), but never use SHA-1 for signatures, passwords, or anything an attacker could try to forge.
▸How is this different from HMAC?
A plain hash takes one input. HMAC takes a message AND a secret key, and is the right primitive for authenticating messages or signing webhook payloads. BEAD has a dedicated HMAC Calculator.
You might also like
- HMAC CalculatorCompute HMAC-SHA1, SHA-256, SHA-384, or SHA-512 over a message and secret — for API signing or message auth.
- AES Encrypt / DecryptEncrypt or decrypt text with AES-GCM, deriving a key from a passphrase via PBKDF2 — all in your browser.
- Base64 Encoder / DecoderEncode or decode Base64 strings instantly.
- Escape / UnescapeEscape or unescape strings for JSON, JavaScript, HTML attribute, XML, and SQL contexts.