MD5, SHA-1, SHA-256 and SHA-512 hashes of text or files โ computed in your browser, nothing uploaded
Text and files are hashed locally with the Web Crypto API โ nothing you enter here leaves your device, so it's safe to hash sensitive data.
Publishers often list a SHA-256 checksum next to a download. Hash the file here and compare โ if the hashes match, the file wasn't corrupted or tampered with.
Both have practical collision attacks and shouldn't be used for signatures or passwords. They're still fine as quick checksums; use SHA-256 or SHA-512 for anything security-related.
Fast hashes like these are the wrong tool for password storage โ attackers can try billions per second. Systems should use bcrypt, scrypt or Argon2 instead.
A hash can't be "decrypted" โ the same input always gives the same output, but there's no way back. That's what makes hashes useful as fingerprints of data.
Whether you hash one letter or a 2 GB file, MD5 is always 32 hex characters, SHA-256 is 64, SHA-512 is 128. Changing one byte of input completely changes the hash.