A hash function takes any input — a password, a file, a string — and produces a fixed-length fingerprint. Two identical inputs always produce the same hash. Change one character and the entire fingerprint changes. This property makes hashes useful across security, data integrity, and distributed systems.
Here's a practical breakdown of the most common hash algorithms, what they're actually good for, and where each one falls short.
MD5
Output: 128 bits (32 hex characters)
Speed: Very fast
Security: Broken
MD5("hello") = 5d41402abc4b2a76b9719d911017c592
MD5("Hello") = 8b1a9953c4611296a827abf8c47804d7
MD5 was designed in 1991 and was widely used for password hashing and file integrity checks. It's no longer secure for either purpose — collision attacks (two different inputs producing the same hash) were demonstrated in 2004, and preimage attacks have reduced its practical security.
Still used for: Non-security checksums, database deduplication, content-addressable cache keys, and legacy systems where breaking changes aren't feasible.
Never use for: Passwords, authentication tokens, or anything security-sensitive.
SHA-1
Output: 160 bits (40 hex characters)
Speed: Fast
Security: Deprecated
SHA1("hello") = aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d
SHA-1 was the standard for years — used in SSL certificates, git commits (still is, actually), and digital signatures. Theoretical collision attacks were known since 2005, and the first practical collision (two different PDF files with the same SHA-1 hash) was demonstrated by Google's SHAttered attack in 2017.
Still used for: Git object storage (git is moving to SHA-256 in new repositories). Legacy systems. Non-security checksums.
Never use for: TLS certificates (major browsers have blocked SHA-1 certs since 2017), code signing, password storage.
SHA-256
Output: 256 bits (64 hex characters)
Speed: Moderately fast
Security: Currently secure
SHA256("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA-256 is part of the SHA-2 family (designed by the NSA, published by NIST in 2001). It's the current industry standard for most security applications — digital signatures, TLS certificates, HMAC authentication, and Bitcoin's proof-of-work algorithm all use SHA-256.
Use for: File integrity verification, HMAC generation, digital signatures, API request signing, password hashing (with a proper KDF like bcrypt or Argon2 — never raw SHA-256 for passwords).
Limitations: Fast — which is a problem for password hashing (fast hashes mean fast brute-force attacks). Use Argon2 or bcrypt for passwords; use SHA-256 for data integrity.
SHA-512
Output: 512 bits (128 hex characters)
Speed: Comparable to SHA-256 on 64-bit hardware
Security: Currently secure, higher margin than SHA-256
SHA-512 uses longer internal state and more rounds. On 64-bit processors it's often faster than SHA-256 because it processes 64-bit words natively. The main advantage is a larger output (less collision probability) and resistance to future attacks.
Use for: High-security applications where a larger hash output is beneficial — certificate chains, long-lived digital signatures, scenarios where quantum computing resistance is a concern (larger output provides more headroom).
SHA-3 (Keccak)
Output: Variable (224, 256, 384, 512 bits)
Speed: Slower than SHA-2 in software
Security: Currently secure, different design from SHA-2
SHA-3 was selected by NIST in 2012 as a backup algorithm to SHA-2, using a completely different mathematical approach (sponge construction vs. Merkle–Damgård). It's not meant to replace SHA-256 — it's an alternative if SHA-2's design family is ever compromised.
Use for: Systems requiring algorithm diversity, or environments where hardware SHA-3 acceleration is available.
Quick Reference
| Algorithm | Output | Speed | Use for | Don't use for |
|---|---|---|---|---|
| MD5 | 32 chars | Fastest | Checksums, dedup | Passwords, security |
| SHA-1 | 40 chars | Fast | Git (legacy) | Certificates, passwords |
| SHA-256 | 64 chars | Moderate | HMAC, signatures, integrity | Passwords (alone) |
| SHA-512 | 128 chars | Similar to SHA-256 | High-security hashing | — |
| SHA-3-256 | 64 chars | Slower | Algorithm diversity | — |
Generating Hashes in Practice
To generate hashes for testing or verification without running code: paste your string into a browser-based hash generator and get MD5, SHA-1, SHA-256, SHA-512, and SHA-3 output simultaneously. Useful for checking API signatures, verifying file checksums, and testing hash-based comparisons without writing a single line of code.
In Node.js:
const { createHash } = require('crypto');
const hash = createHash('sha256')
.update('hello')
.digest('hex');
console.log(hash); // 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
Supported algorithms: 'md5', 'sha1', 'sha256', 'sha512', 'sha3-256'.
Why "Hash != Encryption"
A common misconception: hashing and encryption are not the same.
- Encryption is reversible. Given the key, you can recover the original data.
- Hashing is one-way. There's no key that recovers the original input.
This matters in practice: if you hash a password and store the hash, there's no way to "decrypt" it to show the user their password. You hash the login attempt and compare. If someone needs to recover their password, they reset it — not decrypt it.
Encryption is the right choice when you need the original data back (messages, sensitive documents). Hashing is the right choice for verification (did this file change? does this password match?).
The short version: use SHA-256 for most modern security applications. Use MD5 only for non-security checksums where you need speed and collision resistance doesn't matter. Never use raw SHA-256 for passwords — pair it with a password KDF (Argon2 or bcrypt) that adds computational cost.
Top comments (0)