Can a hash be decrypted?

No. A hash is a one-way digest, not encryption. Short or common inputs can sometimes be guessed by brute force, but the hash itself is not decrypted.

MD5 is still used for old checksums and legacy comparisons. It should not be used for new security-sensitive designs.

Is SHA-256 safe for password storage?

Not by itself. Password storage needs a password hashing algorithm such as bcrypt, Argon2id, scrypt, or PBKDF2 with salt and cost settings.

No. The file hash mode reads the selected file in the browser and calculates the digest locally.

Hash Generator

Generate MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes for text or a local file directly in your browser.

Algorithms (select one or more)

Text

File up to 50 MBUPPERCASE hex

0 characters · 0 bytes

MD5legacy32 hex

calculating...

SHA-256SHA-264 hex

calculating...

SHA-512SHA-2128 hex

calculating...

All calculations happen in your browser through the Web Crypto API. Text and files are not sent to a server.

Hashing is not encryption: a hash cannot be decrypted back into the original data.

MD5 and SHA-1 remain for legacy checks. Passwords need bcrypt, Argon2id, scrypt, or PBKDF2 with salt, not a fast MD5/SHA digest.

Generate a text or file hash

A hash function turns text or file bytes into a fixed-length digest. The same input gives the same output, while a small input change should produce a very different digest.

Hashing is not encryption

Encryption is reversible with a key. A cryptographic hash is designed as a one-way digest and cannot be decrypted back into the original data. Use MD5 only for legacy checksums and SHA-256 or another SHA-2 digest for modern checksum workflows.

Browser-based calculation

SHA algorithms are calculated with the Web Crypto API. MD5 is included for legacy checksums and compatibility.

Digest lengths

d = H (x)

d is the digest, H is the selected hash function, and x is the input bytes.

Algorithm	Bits	Hex length	Typical use
MD5	128	32	Legacy checksums and compatibility only
SHA-1	160	40	Legacy references only
SHA-256	256	64	Modern checksums and many protocol uses
SHA-384	384	96	SHA-2 digest with a longer output
SHA-512	512	128	SHA-2 digest with the longest output on this page

Security limits

MD5 and SHA-1 are legacy algorithms and should not be used for new security-sensitive signatures or collision-resistant designs.
SHA-256, SHA-384, and SHA-512 are SHA-2 algorithms, but a fast hash alone is not password storage.
For passwords, use bcrypt, Argon2id, scrypt, or PBKDF2 with salt and tuned work factors.
Use HMAC when a keyed message authentication code is required.

Frequently Asked Questions

Sources and References

Calculations are based on the listed reference sources. Links open in a new tab.

Updated: June 2, 2026

Related Tools

Password Generator

Generate a strong random password in your browser with length, character set, strength estimate, and one-click copy.

Open

UUID Generator

Generate UUID v4 and GUID-style identifiers in bulk, with uppercase, no-dash, and brace formatting options.

Open

Hash Generator

Generate a text or file hash

Digest lengths

Security limits

Frequently Asked Questions

Can a hash be decrypted?

Why include MD5?

Is SHA-256 safe for password storage?

Are files uploaded?

Sources and References

Related Tools