SHA-1/2 Hash Calculator
// instant hashing — no data leaves your browser
Text Hash
File Hash
Random Hashes
Frequently Asked Questions
What is a cryptographic hash function?
A cryptographic hash function takes an input of any size and produces a fixed-length digest. Three properties define it: determinism (same input always gives the same output), pre-image resistance (you cannot reverse the hash to recover the input), and collision resistance (it is computationally infeasible to find two different inputs that produce the same digest).
Are SHA hashes safe for passwords?
All SHA variants are designed to be fast, which is ideal for integrity checking but harmful for password storage — a fast hash lets attackers brute-force millions of candidates per second. For passwords, use a purpose-built slow algorithm: bcrypt, scrypt, or Argon2, all of which incorporate salting and adjustable work factors.
How does SHAFile ensure privacy?
All hashing runs entirely inside your browser using hash-wasm — a WebAssembly library that computes SHA digests locally without any network calls. No text, no file content, and no hash output is ever transmitted to any server. You can verify this by running the tool while offline — it works identically.
What output formats are available?
Hex (lowercase hexadecimal) is the most common format used in tooling and documentation. HEX is the same in uppercase. Base64 encodes the raw bytes as a shorter, URL-safe-friendly string often used in HTTP headers and certificates. Binary shows the individual bits, useful for educational purposes.
What is SHA-1?
SHA-1 (Secure Hash Algorithm 1) was designed by the NSA and published by NIST in 1995 as the successor to SHA-0. It produces a 160-bit (20-byte) digest, typically shown as a 40-character hex string. For many years it was the dominant hash function in TLS certificates, code signing, and version control systems — Git still uses SHA-1 internally for object addressing.
Is SHA-1 still secure?
SHA-1 is cryptographically broken for collision resistance. In 2017, Google's SHAttered project demonstrated the first practical SHA-1 collision: two distinct PDF files with the same SHA-1 digest. The attack required roughly 6,500 CPU-years of computation, making it expensive but feasible for well-resourced adversaries. NIST formally deprecated SHA-1 for digital signatures in 2011 and disallowed it entirely from 2030 onwards.
When is SHA-1 still acceptable?
SHA-1 remains acceptable for non-security-critical checksums where collision resistance is not required — for example, detecting accidental file corruption, cache invalidation keys, or legacy system interoperability where migration is not yet possible. It should never be used for digital signatures, certificate fingerprints, or any context where an adversary could benefit from crafting a collision.
What is the SHA-2 family?
SHA-2 is a family of hash functions designed by the NSA and published by NIST in 2001, sharing the same Merkle–Damgård construction but differing in internal word size, number of rounds, and output length. All four variants implemented here — SHA-224, SHA-256, SHA-384, and SHA-512 — are currently considered cryptographically secure with no known practical attacks on collision or pre-image resistance.
Variant comparison
| Algorithm | Digest | Block size | Rounds | Status | Common use |
|---|---|---|---|---|---|
| SHA-224 | 224 bit · 56 hex | 512 bit | 64 | Secure | Constrained environments, truncated SHA-256 variant |
| SHA-256 | 256 bit · 64 hex | 512 bit | 64 | Secure | TLS, code signing, Bitcoin PoW, general purpose |
| SHA-384 | 384 bit · 96 hex | 1024 bit | 80 | Secure | TLS cipher suites, government/FIPS workloads |
| SHA-512 | 512 bit · 128 hex | 1024 bit | 80 | Secure | High-security file integrity, archive signing |
Which SHA-2 variant should I use?
SHA-256 is the right default for almost everything: it is universally supported, well-studied, and produces a digest small enough to be practical. Use SHA-384 or SHA-512 when a standard or compliance requirement mandates a larger digest (e.g. FIPS 186-5 for digital signatures) or when you are operating on a 64-bit platform where the larger internal word size of SHA-512 may be faster than SHA-256. SHA-224 is a truncated form of SHA-256 used only when digest length is constrained — it offers no security advantage over SHA-256.
Can SHA-2 be reversed or cracked?
SHA-2 is a one-way function with no known mathematical inverse. No practical pre-image or collision attack has been demonstrated against any SHA-2 variant. Brute-forcing a 256-bit digest is computationally infeasible with current or foreseeable technology. For short or common inputs, precomputed rainbow tables could theoretically recover the original value — salt your data if that is a concern.