About this tool
Compute the SHA-1, SHA-256, SHA-384 and SHA-512 digests of any text simultaneously, using the browser's native Web Crypto implementation. Input is hashed locally; nothing is transmitted.
A cryptographic hash is a one-way fingerprint: the same input always yields the same digest, but the digest cannot be reversed, and changing a single character changes the output completely. SHA-256 is the workhorse of file integrity checks, digital signatures and blockchain. SHA-1 is included for legacy comparison only — practical collisions were demonstrated in 2017 and it should not secure anything new. Note that raw fast hashes are also the wrong choice for storing passwords; dedicated slow algorithms like bcrypt or Argon2 exist for that.
How to use it
- Type or paste the text to hash.
- All four digests compute automatically.
- Copy the one you need.
Frequently asked questions
Can a hash be decrypted back to the original?
No — hashing is one-way by design. “Cracking” a hash means guessing inputs until one produces the same digest, which is infeasible for strong, high-entropy inputs.
Why is MD5 missing?
The Web Crypto API deliberately excludes MD5 because it is cryptographically broken. SHA-256 is the modern default.
Is SHA-256 suitable for storing passwords?
Not on its own — it is too fast, which helps attackers. Use a purpose-built password hash like bcrypt, scrypt or Argon2 with salting.