Random Number

Secure Hash Generator

Generate secure SHA-256, SHA-384, and SHA-512 hashes for text or files entirely in your browser. This tool uses the Web Crypto API only, keeps your data client-side, and skips outdated algorithms such as MD5 and SHA-1.

Hash text or a file

The browser Web Crypto API currently exposes the secure SHA-2 digests SHA-256, SHA-384, and SHA-512. SHA-512 is the default here because it gives the longest digest output.

Choose a local file to hash it in the browser using File.arrayBuffer() and crypto.subtle.digest(). The file contents are not uploaded by this page.

Source None yet
Digest SHA-512
Output length 512 bits
Hex digest
Base64 digest

What this hash generator does

This tool computes a cryptographic digest from either plain text or a local file. A digest, also called a hash, is a fixed-length fingerprint derived from arbitrary input data. If the input changes by even one byte, the output hash changes completely.

The implementation uses the browser's standard Web Crypto API, specifically crypto.subtle.digest(). According to current MDN documentation for SubtleCrypto.digest(), the secure browser-supported digest algorithms exposed by this API today are SHA-256, SHA-384, and SHA-512. This page intentionally excludes insecure legacy digests such as SHA-1 and older non-cryptographic patterns.

Everything happens locally in the browser. Text is converted to bytes with TextEncoder. Files are read with File.arrayBuffer(). The resulting bytes are hashed with the selected SHA-2 algorithm, then displayed in both hexadecimal and Base64 formats for easy comparison and copying.

When to use hashes

Secure hashes are useful when you need to verify integrity, identify exact content, compare outputs across systems, or generate deterministic fingerprints for build artifacts, files, messages, and API payloads.

  • Use SHA-256 for a widely used secure default.
  • Use SHA-384 when a 384-bit digest is specifically required.
  • Use SHA-512 when you want the longest digest output available in standard Web Crypto.
  • Use the hex output when matching common CLI tools and documentation.
  • Use the Base64 output when embedding digests in headers, tokens, or structured data formats.

Important limitations

This is a general-purpose cryptographic hash tool, not a password storage solution. If you need to hash passwords for authentication, the right approach is a dedicated password hashing algorithm such as Argon2, scrypt, or bcrypt on the server side. A plain fast digest like SHA-256 or SHA-512 is not sufficient on its own for password storage.

Another practical limitation comes from the current Web Crypto digest API itself: it is not streaming. The entire text or file has to be loaded into memory before hashing. For normal inputs that is fine, but extremely large files may use substantial memory in the browser.

Technical details

The SHA-2 family remains the secure digest family exposed broadly by the standard browser API for digest(). This tool keeps to those algorithms so the page stays portable across modern browsers and avoids advertising options that are either insecure or not consistently available through standard Web Crypto interfaces.

The outputs shown here should match other compliant implementations of SHA-256, SHA-384, and SHA-512 for the exact same byte input. That makes the page useful for quick verification work, reproducible build checks, content comparison, and development tasks where you need a trustworthy digest without opening a terminal.