A cryptographic hash maps any input to a fixed-length fingerprint. SHA-256 is the workhorse: 32 bytes (64 hex chars) of output, fast on every modern CPU, collision-resistant for the foreseeable future. This tool computes hashes via Web Crypto's native crypto.subtle.digest — the same primitive your servers and CDNs use.
SHA-256 hash
A hash maps any input to a fixed-length fingerprint. Useful for checksums, ETags, and integrity checks. Not a substitute for password hashing — use Argon2 or bcrypt for that.
Cryptographic hash
Fingerprint arbitrary text with the Web Crypto API. The bytes never leave your tab — the browser computes the digest natively.
Input
SHA-256 (hex)
Bytes in
12
Hex length
0
Common use cases
Subresource Integrity attributes
integrity="sha384-…" on third-party <script> tags, computed from the bundle content. The browser refuses to run mismatched bytes.
File integrity checks
Re-hash a downloaded file, compare to the published digest, confirm nothing tampered with it in transit.
Cache keys and ETags
Stable, content-addressed identifiers that change exactly when the content does — the foundation of immutable asset caching.
How to use this tool
- 1 Paste your input — any text, any length.
- 2 Pick an algorithm; SHA-256 is the safe default.
- 3 Copy the hex digest.
Frequently asked questions
Can I use this for password hashing?
No. Cryptographic hashes are fast by design — the opposite of what password storage needs. Use Argon2 (preferred), bcrypt, or scrypt for credentials. A plain SHA-256 of a password is dangerous.
Why is SHA-1 still here?
For legacy checksums — git object IDs, older signature formats, integrations you don’t control. SHA-1 collisions have been public since 2017; never use it for new security-critical work.
SHA-256 vs SHA-512?
SHA-512 is faster on 64-bit hardware and produces a longer output. For most application use cases the difference is negligible; pick 256 unless you have a specific reason for 512.