Hashing is everywhere in software: password storage, file integrity checks, API authentication, digital signatures. But not all hash algorithms are equal — and choosing the wrong one can create real security problems.
Here's a practical breakdown of the most common hash functions and when to use each.
What Is a Hash Function?
A hash function takes any input (a string, a file, a password) and produces a fixed-length output — the "hash" or "digest". The same input always produces the same output, but you cannot reverse the process to recover the original input.
Good hash functions have three properties:
- Deterministic — same input, same output, always
- Fast to compute — generating the hash is quick
- Collision-resistant — two different inputs should not produce the same hash
MD5 — Fast, But Broken for Security
MD5 produces a 128-bit (32 hex character) digest. It was designed in 1991 and was widely used for password hashing and file integrity checks.
Problem: MD5 is cryptographically broken. Researchers demonstrated collision attacks — two different inputs that produce the same MD5 hash — as far back as 2004. It should never be used for passwords or security-sensitive applications.
Still useful for: Non-security checksums, cache keys, deduplication of large datasets where collisions don't matter. Many legacy systems still use MD5 for file integrity checks where the risk of deliberate tampering is low.
MD5("hello") = 5d41402abc4b2a76b9719d911017c592
SHA-1 — Deprecated, but Still Around
SHA-1 produces a 160-bit (40 hex character) digest. It was the default in many systems for years — SSL certificates, Git commits, SVN.
Problem: SHA-1 collision attacks were demonstrated practically in 2017 (the SHAttered attack). Browsers no longer accept SHA-1 TLS certificates. Git has been migrating away from SHA-1 for repository object hashing.
Still used in: Git (for backward compatibility, though SHA-256 support is now available), some older certificate chains, HMAC-SHA1 in legacy APIs.
SHA1("hello") = aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d
SHA-256 — The Current Standard
SHA-256 is part of the SHA-2 family and produces a 256-bit (64 hex character) digest. It's the recommended algorithm for most general-purpose hashing today.
Fast, collision-resistant, and widely supported. SHA-256 is used in:
- TLS certificates (replacing SHA-1)
- Bitcoin (double SHA-256 for block hashing)
- HMAC-SHA256 for API request signing (AWS Signature Version 4, for example)
- JWT (JSON Web Token) signing (HS256 algorithm)
- File integrity verification
SHA256("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA-512 — When You Need More Bits
SHA-512 produces a 512-bit (128 hex character) digest. On 64-bit systems it can actually be faster than SHA-256 because modern CPUs process 64-bit words natively.
Use SHA-512 when you need larger digests for extra security margin, or when throughput on 64-bit hardware matters. In practice, SHA-256 is sufficient for most applications.
SHA-3 — A Different Design
SHA-3 (released 2015) is a completely different algorithm family from SHA-2 — it uses a sponge construction rather than the Merkle–Damgård construction of MD5/SHA-1/SHA-2. It's not faster or stronger than SHA-256 for most uses, but having a structurally different algorithm matters: if a weakness is found in SHA-2's design, SHA-3 provides an alternative.
Adoption is still limited — most libraries and protocols default to SHA-256.
What About Passwords?
Never use MD5, SHA-1, SHA-256, or any general-purpose hash to store passwords directly. These algorithms are designed to be fast — which is exactly what you don't want for passwords. An attacker with a GPU can compute billions of SHA-256 hashes per second.
For passwords, use a slow, memory-hard hashing algorithm:
- bcrypt — the standard for most web applications, built-in support in most frameworks
- Argon2 — the winner of the Password Hashing Competition (2015), best for new systems
- scrypt — memory-hard, good for high-security applications
These algorithms are intentionally slow and can be tuned to become slower as hardware improves.
Quick Reference
| Algorithm | Output | Status | Use For |
|---|---|---|---|
| MD5 | 128-bit | ⚠️ Broken | Non-security checksums, cache keys |
| SHA-1 | 160-bit | ⚠️ Deprecated | Legacy systems only |
| SHA-256 | 256-bit | ✅ Recommended | File integrity, API signing, TLS, JWTs |
| SHA-512 | 512-bit | ✅ Recommended | High-security digests, 64-bit throughput |
| SHA-3 | Variable | ✅ Alternative | When SHA-2 diversity matters |
| bcrypt | 60 chars | ✅ Passwords only | Password storage |
| Argon2 | Variable | ✅ Best for passwords | New systems needing password storage |
Try It Yourself
You can generate MD5, SHA-1, SHA-256, SHA-512, and other hash digests instantly in your browser using the Hash Generator at SnappyTools. No upload, no account — paste your text and see the output for all algorithms at once.
Useful for verifying checksums, testing API signing logic, or just understanding what the different algorithm outputs look like side by side.
Top comments (0)