Type text into the box and the tool computes its SHA-256, SHA-384 and SHA-512 hashes all at once. It runs automatically (there is no button): as soon as you stop typing, the three results appear. Click the copy icon next to each one to send it to the clipboard.
A hash function turns any text —from a single letter to an entire book— into a fixed-length fingerprint.
• Deterministic — the same text always yields the same hash.
• One-way — the original text CANNOT be recovered from the hash.
• Avalanche effect — changing a single character changes the result completely.
• Fixed size — the fingerprint is always the same length, no matter how long the text is.
Use it to check that something has not changed, not to hide it:
• Integrity — verify that a download or file has not been corrupted or tampered with: you compare its hash against the published one.
• Fingerprints — identify or compare content without storing the whole text (deduplicate, detect duplicates).
It is not encryption. A hash cannot be «decrypted»: there is no way back to the original text from the fingerprint. If you need to recover the data later, use encryption, not a hash.
This tool computes the SHA-2 family, the current standard for integrity:
• SHA-256 — 256 bits (64 hex characters). The most widely used today: certificates, signatures, blockchain, download verification.
• SHA-384 — 384 bits (96 hex). A truncated variant of SHA-512; common in high-security TLS.
• SHA-512 — 512 bits (128 hex). The longest; extra margin against collisions and, on 64-bit CPUs, sometimes even faster than SHA-256.
All three are secure. MD5 and SHA-1 are broken (practical collisions are known), which is why this tool does not offer them.
The output is lowercase hexadecimal: each byte of the fingerprint is shown as two 0–f digits. That is why the length is always fixed:
• SHA-256 → 64 characters.
• SHA-384 → 96 characters.
• SHA-512 → 128 characters.
It is the same format that download sites publish next to the file, so you can compare the values directly.
Do not store passwords with these hashes. SHA-256/384/512 are designed to be fast, and that speed lets an attacker try billions of combinations per second if they steal the database.
Passwords need slow, salted functions such as bcrypt, scrypt or argon2, built precisely to resist brute force. This tool does not compute them.
Even worse are MD5 and SHA-1: besides being fast, they are broken. Do not use them for anything security-related.
All computation happens in your browser using the Web Crypto API (the browser's native cryptographic implementation). The text you type is never sent to any server.