SHA-256, MD5, and Other Hash Functions: Complete Guide

Understand hash functions, when to use SHA-256, MD5, SHA-1, and SHA-512, and how they work. Includes practical examples and security considerations.

Hash functions are everywhere in software development - storing passwords, verifying file integrity, creating digital signatures, caching, and detecting tampering. But knowing which hash function to use and when can be confusing. This guide breaks down the most common hash functions and why you’d choose one over another.

What is a hash function?

A hash function takes input of any size and produces a fixed-length string of characters (the “hash” or “digest”). The same input always produces the same hash. Small changes to the input produce completely different hashes.

Input: "Hello, World!"
SHA-256: dffd6021bb2bd5b0af676290809ec3a53191dd81c7f70a4b28688a362182986f

Input: "Hello World!"
SHA-256: 7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069

Even a tiny change (removing the comma) produces a completely different hash. This is called the “avalanche effect” and it’s a core property of good hash functions.

Key properties of hash functions:

  • Deterministic - same input always gives same hash
  • Fast - quick to compute
  • Non-reversible - can’t recover the original input from the hash
  • Avalanche effect - tiny input changes cause completely different hashes
  • Collision-resistant - extremely hard to find two inputs with the same hash
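
The properties above can be measured rather than taken on trust. The following Node.js sketch is an added example, not code from the original guide; the two input strings are constructed samples that differ by one character. It reports each algorithm's digest size and how many output bits change between the two inputs:

```javascript
const crypto = require('crypto');

// Count the bits that differ between two equal-length buffers.
function differingBits(a, b) {
  let count = 0;
  for (let i = 0; i < a.length; i++) {
    let x = a[i] ^ b[i];
    while (x) { count += x & 1; x >>= 1; }
  }
  return count;
}

// Hash two inputs with one algorithm; report digest size and changed bits.
function avalanche(algorithm, inputA, inputB) {
  const a = crypto.createHash(algorithm).update(inputA).digest();
  const b = crypto.createHash(algorithm).update(inputB).digest();
  const bits = a.length * 8;
  const changed = differingBits(a, b);
  return { algorithm, bits, changed, fraction: changed / bits };
}

// Constructed sample inputs: identical except for one comma.
const report = ['md5', 'sha1', 'sha256', 'sha512'].map((alg) =>
  avalanche(alg, 'Hello, World!', 'Hello World!'));

// Fixed length: a 1 MiB input still yields a 32-byte SHA-256 digest.
const bigDigest = crypto.createHash('sha256')
  .update(Buffer.alloc(1 << 20, 0x41))
  .digest();

console.table(report);
console.log('SHA-256 digest bytes for 1 MiB input:', bigDigest.length);
```

For every algorithm, roughly half of the output bits flip, which is what the avalanche effect predicts for a one-character change.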

Common hash functions: Comparison

MD5 - 128 bits, cryptographically broken, avoid for any security use. Legacy only.

SHA-1 - 160 bits, deprecated by Google and major browsers. Practical collision attacks exist. Don’t use in new projects.

SHA-256 - 256 bits, strong and widely trusted. Use this for passwords (with salt + key-stretching), digital signatures, blockchain, and new projects. The standard choice.

SHA-512 - 512 bits, very strong but rarely needed. Use when SHA-256 feels insufficient or for maximum future-proofing. In practice, SHA-256 is always sufficient.

MD5 - Avoid in New Code

MD5 produces a 128-bit hash and was once the standard. Don’t use it for security. In 2004, cryptographers showed that it is vulnerable to collision attacks - two different inputs that produce the same hash can be constructed deliberately. This breaks password storage and file verification.

MD5 is still okay for:

  • Non-cryptographic checksums (detecting accidental file corruption)
  • Legacy systems you can’t change

# Example (don't use for passwords!)
echo -n "password" | md5sum
# Output: 5f4dcc3b5aa765d61d8327deb882cf99  -

SHA-1 - Deprecated, Don’t Use

SHA-1 produces a 160-bit hash. It was supposed to fix MD5’s problems, but by 2017, practical collision attacks were demonstrated. Google deprecated it across the web.

Don’t use SHA-1 for:

  • Password storage
  • Digital signatures
  • Any new security-critical application

It may still appear in legacy systems (like older Git commits), but it’s being phased out.

SHA-256 - Use This for Most Cases

SHA-256 is part of the SHA-2 family and produces a 256-bit (32-byte) hash. It’s considered cryptographically strong and is the standard for most modern applications.

# Hash a string
echo -n "password" | sha256sum
# Output: 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8  -

# Hash a file
sha256sum filename.txt

Use SHA-256 for:

  • Password hashing (with a salt and key-stretching function like bcrypt or Argon2)
  • Digital signatures
  • Blockchain and cryptocurrency (Bitcoin, Ethereum use SHA-256)
  • File integrity verification
  • API authentication tokens

// Node.js example
const crypto = require('crypto');
const hash = crypto.createHash('sha256').update('password').digest('hex');
console.log(hash);
// 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8

SHA-512 - Use When SHA-256 Feels Small

SHA-512 is part of SHA-2 and produces a 512-bit (64-byte) hash. It’s not significantly harder to crack than SHA-256, but if you want maximum security margin or need compatibility with systems expecting larger hashes, use it.

Use SHA-512 for:

  • Long-term security-critical applications
  • Compliance requirements demanding larger hashes
  • Future-proofing (by 2100, we might need bigger hashes, but probably not)

echo -n "password" | sha512sum
# Output: [128-character hex string]

In practice, SHA-256 is almost always sufficient. SHA-512 is overkill for 99% of use cases.

Hashing vs. Encryption - Know the Difference

This confuses many developers.

Hashing:

  • One-way (non-reversible)
  • Same input always produces same output
  • Used for verification, not confidentiality
  • Example: password storage, checksums

Encryption:

  • Two-way (reversible with a key)
  • Can decrypt to recover original data
  • Used for confidentiality
  • Example: securing messages, file encryption

For passwords, you want hashing, not encryption. If you encrypt a password, anyone with the encryption key can reverse it.

Password Hashing - Use Salts and Key Stretching

Hashing alone isn’t enough for passwords. Attackers use “rainbow tables” - pre-computed lists of password hashes. To defend:

  1. Add a salt - a random string concatenated to the password before hashing
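  2. Use key-stretching - make the hash computationally expensive (bcrypt, Argon2, PBKDF2)

const crypto = require('crypto');
const bcrypt = require('bcrypt');

// Don't do this - vulnerable to rainbow tables
const weakHash = (password) =>
  crypto.createHash('sha256').update(password).digest('hex');

// Do this - use bcrypt (cost factor 10, random salt generated per hash)
const strongHash = (password) => bcrypt.hash(password, 10); // returns a Promise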

Bcrypt automatically handles salting and stretching. Use bcrypt, Argon2, or scrypt for passwords - never plain SHA-256.
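
To see what the salt and the stretching step buy you, here is an added example (not from the original guide) that uses scrypt from Node's built-in crypto module instead of the bcrypt package, so it runs without dependencies. The cost parameters and the `scrypt$N$r$p$salt$key` record format are assumptions made for this illustration:

```javascript
const crypto = require('crypto');

// Fast, unsalted hash: equal passwords give equal records, so one precomputed
// table lookup cracks every account that shares a password.
function unsaltedSha256(password) {
  return crypto.createHash('sha256').update(password).digest('hex');
}

// Assumed cost parameters (Node's scrypt defaults); raise N as hardware allows.
const SCRYPT = { N: 16384, r: 8, p: 1, keylen: 32 };

// Returns "scrypt$N$r$p$salt$key", a hypothetical storage format for this example.
function hashPassword(password) {
  const { N, r, p, keylen } = SCRYPT;
  const salt = crypto.randomBytes(16); // fresh random salt per password
  const key = crypto.scryptSync(password, salt, keylen, { N, r, p });
  return ['scrypt', N, r, p, salt.toString('base64'), key.toString('base64')].join('$');
}

function verifyPassword(password, record) {
  const parts = String(record).split('$');
  if (parts.length !== 6 || parts[0] !== 'scrypt') return false;
  const [N, r, p] = parts.slice(1, 4).map(Number);
  const salt = Buffer.from(parts[4], 'base64');
  const expected = Buffer.from(parts[5], 'base64');
  if (expected.length !== SCRYPT.keylen) return false; // reject truncated records
  const actual = crypto.scryptSync(password, salt, expected.length, { N, r, p });
  // Constant-time comparison: do not leak how many leading bytes matched.
  return crypto.timingSafeEqual(actual, expected);
}

const recordA = hashPassword('password');
const recordB = hashPassword('password');
console.log(unsaltedSha256('password') === unsaltedSha256('password')); // identical
console.log(recordA === recordB);
console.log(verifyPassword('password', recordA), verifyPassword('Password', recordA));
```

Two users with the same password get different stored records, so a precomputed table built for one salt is useless against the other.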

Verify File Integrity

Hash a file to detect corruption or tampering:

# Create checksum
sha256sum largefile.zip > largefile.zip.sha256

# Verify later
sha256sum -c largefile.zip.sha256
# Output: largefile.zip: OK

If the file changes (even one byte), the hash changes completely, instantly detecting tampering.
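
The same check can be done from application code. This Node.js sketch is an added example, not part of the original guide; the file content is constructed placeholder data and the function names are hypothetical. It parses a `sha256sum`-style line, verifies the file, then flips a single bit to show the mismatch:

```javascript
const crypto = require('crypto');
const fs = require('fs');
const os = require('os');
const path = require('path');

// Hash in 64 KiB chunks so a large archive is never held in memory at once.
function sha256File(file) {
  const hash = crypto.createHash('sha256');
  const buf = Buffer.alloc(64 * 1024);
  const fd = fs.openSync(file, 'r');
  try {
    let n;
    while ((n = fs.readSync(fd, buf, 0, buf.length, null)) > 0) hash.update(buf.subarray(0, n));
  } finally {
    fs.closeSync(fd);
  }
  return hash.digest('hex');
}

// Parse one line of sha256sum output: "<64 hex>  name" (text) or "<64 hex> *name" (binary).
function parseChecksumLine(line) {
  const m = /^([0-9a-f]{64}) [ *](.+)$/.exec(line.trim());
  if (!m) throw new Error('not a sha256sum line: ' + line);
  return { digest: m[1], name: m[2] };
}

// Check one entry; only the base name is used so an entry cannot point outside dir.
function verifyEntry(line, dir) {
  const { digest, name } = parseChecksumLine(line);
  return sha256File(path.join(dir, path.basename(name))) === digest;
}

// Constructed demo: record a checksum, confirm it verifies, then flip a single bit.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'sha256-demo-'));
  const file = path.join(dir, 'largefile.zip');
  fs.writeFileSync(file, Buffer.alloc(200000, 0x5a)); // placeholder content
  const line = `${sha256File(file)}  largefile.zip`;
  const before = verifyEntry(line, dir);
  const data = fs.readFileSync(file);
  data[12345] ^= 0x01;
  fs.writeFileSync(file, data);
  const after = verifyEntry(line, dir);
  fs.rmSync(dir, { recursive: true, force: true });
  return { before, after };
}

console.log(demo()); // { before: true, after: false }
```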

Generate Your Own Hashes

Use our free Hash Generator to compute MD5, SHA-1, SHA-256, and SHA-512 hashes online. Paste text - no data leaves your browser.

Summary

  • MD5 - Legacy only, cryptographically broken
  • SHA-1 - Deprecated, practical collisions exist
  • SHA-256 - Use this for most cases (passwords, signatures, blockchain)
  • SHA-512 - Use when SHA-256 feels small (rarely needed)
  • 🔐 For passwords specifically - Use bcrypt, Argon2, or scrypt with salt and key-stretching, not plain hashing
