
Cryptographic Hash Functions Explained

Generate Secret Keys team June 3, 2026 6 min read

A cryptographic hash function takes any input — a word, a file, a gigabyte of data — and produces a fixed-size output called a digest. SHA-256 always returns 256 bits, no matter the input size. Hashes are everywhere: integrity checks, digital signatures, content addressing, and password storage. Understanding what they guarantee (and what they don't) prevents a lot of security mistakes.

The defining properties

  • Deterministic. The same input always produces the same digest.
  • One-way (preimage resistance). Given a digest, you cannot feasibly recover the input.
  • Collision resistant. It is infeasible to find two different inputs with the same digest.
  • Avalanche effect. Changing a single bit of input changes about half the output bits, so similar inputs produce completely different digests.

What hashes are good for

  • Integrity verification. Publish a file's hash; anyone can re-hash the download to confirm it wasn't altered.
  • Deduplication and content addressing. Git, for example, names objects by their hash.
  • Digital signatures and HMAC. You sign a hash of a message rather than the whole message.
  • Fingerprinting. Compare two large values by comparing their digests instead of the values themselves.

What hashes are not

  • Not encryption. Hashing is one-way and has no key; there is no "unhashing." Encryption is reversible with a key.
  • Not password storage on their own. A plain SHA-256 of a password is far too fast to compute, which helps attackers. Passwords need a slow, salted algorithm — Argon2, bcrypt, scrypt, or PBKDF2 — designed to resist brute force.

Why salting matters

A salt is a unique random value combined with the input before hashing. Without salt, identical inputs produce identical digests, so attackers can use precomputed "rainbow tables" and instantly spot repeated values. A unique salt per record means precomputation is useless and two users with the same password get different digests. A salt does not need to be secret — only unique and random. 16 bytes is a typical size.

Choosing an algorithm

  • SHA-256 / SHA-384 / SHA-512 — the SHA-2 family, the modern default for general-purpose hashing. See our SHA-2 comparison.
  • SHA-1 and MD5 — broken for collision resistance; use only for non-security checksums against accidental corruption, never for security.
  • Argon2 / bcrypt / scrypt — purpose-built, deliberately slow password hashes.

Hash something now

The Hashes tab computes SHA-1, SHA-256, SHA-384, and SHA-512 digests in hex, Base64, or Base64URL, with optional salt placement and a one-click salt generator — all in your browser via the Web Crypto API.

Try it: generate a salted SHA-256 digest locally and copy the result.
