🎉 Google Search Console confirmed — codeprints.site is now appearing in Google Search results! Read our blog →
QR Codes
QR GeneratorCreate any type of QR code free. URL QR CodeTurn any URL into a scannable QR. WiFi QR CodeShare WiFi credentials instantly. WhatsApp QROpen a WhatsApp chat with one scan. vCard QR CodeDigital business card, save on scan. Email QR CodeScan to open a pre-filled email. Phone QR CodeDial a number with a single scan. SMS QR CodeScan to send a pre-filled SMS.
Developer Tools & Utilities
Code to ImageBeautiful code screenshots for sharing. Barcode GeneratorEAN-13, Code 128 and bulk download. JSON FormatterFormat and validate JSON data. Base64 EncoderEncode or decode Base64 strings. JWT DecoderInspect and decode JWT tokens. URL EncoderEncode URLs for safe transmission. Password GeneratorGenerate strong secure passwords. Hash GeneratorMD5, SHA-256, bcrypt and more. Free QR APIGenerate QRs via API, no key needed.
CodePrints
Create QR Code — Free Login Register Free

Advertisement

Free Online Tool · No Signup · Browser-Side

Hash Generator — MD5, SHA-256, bcrypt & More

Generate, verify, and look up cryptographic password hashes instantly. Supports MD5, SHA-1, SHA-256, SHA-512, SHA-3, bcrypt, Argon2id, HMAC and more — all in your browser.

100% Free No Data Sent to Server 10+ Algorithms Instant Results
Open Hash Generator Tool

All Supported Hash Algorithms

Choose the right algorithm for your use case

MD5

128-bit legacy hash. Fast and widely supported. Once used for passwords but now cryptographically broken. Still used for file checksums and non-security integrity checks.

Legacy Broken for passwords 128-bit 32 hex chars

SHA-1

160-bit hash from the SHA-1 standard. Deprecated by NIST in 2011. Still used in some legacy systems and Git commit hashes. Not secure for new password storage or certificates.

Deprecated 160-bit 40 hex chars

SHA-256

The most widely used secure hash algorithm. Part of the SHA-2 family. Used in TLS/SSL certificates, code signing, Bitcoin, and JWT tokens. Recommended for data integrity.

Recommended 256-bit 64 hex chars

SHA-512

512-bit hash from the SHA-2 family. More secure and collision-resistant than SHA-256. Used when extra security margin is needed — API tokens, HMAC keys, and high-security signatures.

High Security 512-bit 128 hex chars

SHA-3 (Keccak)

The latest NIST standard (2015). Uses a completely different internal structure (sponge construction) to SHA-2. Supports 224, 256, 384, and 512-bit outputs. Future-proof choice.

Latest Standard 256 / 512-bit Keccak

bcrypt

Designed specifically for password hashing. Uses a random salt and configurable cost factor to slow down brute-force attacks. The default in Laravel's Hash::make().

Best for Passwords Salted Adaptive Cost

Argon2id

Winner of the Password Hashing Competition (2015). Memory-hard and time-hard by design. Resistant to GPU and ASIC brute-force attacks. The most modern password hashing standard.

Most Secure Memory-Hard PHC Winner

HMAC-SHA256 / SHA512

Keyed-hash Message Authentication Code. Uses a secret key + SHA-256/512 to produce a hash that verifies both data integrity and authenticity. Used in API signatures and JWT.

API Auth JWT Webhooks Keyed Hash

CRC32

Cyclic Redundancy Check — a 32-bit checksum algorithm. Not cryptographic at all but extremely fast. Used for error-detection in network packets, file downloads, and ZIP archives.

Checksum Only Not Cryptographic 32-bit

Algorithm Comparison

Which algorithm should you use?

Algorithm Output Size Speed Password Storage Data Integrity Status
MD5128-bitVery Fast❌ Broken⚠️ LegacyDeprecated
SHA-1160-bitFast❌ Broken⚠️ LegacyDeprecated
SHA-256256-bitFast⚠️ Not alone✅ RecommendedCurrent
SHA-512512-bitFast⚠️ Not alone✅ High SecurityCurrent
SHA3-256256-bitModerate⚠️ Not alone✅ Future-proofLatest
bcrypt60 charsSlow (by design)✅ RecommendedN/ACurrent
Argon2idVariableSlow (by design)✅ Best ChoiceN/ALatest
HMAC-SHA256256-bitFastN/A✅ Auth + IntegrityCurrent

Frequently Asked Questions

What is the difference between MD5 and SHA-256?
MD5 produces a 128-bit hash and is cryptographically broken — vulnerable to collision attacks. SHA-256 produces a 256-bit hash and is currently secure for data integrity and certificates. Neither should be used alone for passwords.
Which algorithm should I use for storing passwords?
Always use bcrypt or Argon2id for passwords. They include a random salt and are intentionally slow, making brute-force impractical. In Laravel use Hash::make(). Never use MD5, SHA-1, or plain SHA-256 for passwords.
Can MD5 or SHA-1 hashes be decrypted?
Hashes are mathematically irreversible. However, common or short passwords can be found in rainbow tables (precomputed hash databases). This is why salting (adding random data before hashing) exists — it makes rainbow tables useless.
What does Hash::make() use in Laravel?
By default, Hash::make() in Laravel uses bcrypt with a cost factor of 10. You can switch to Argon2id by setting BCRYPT_ROUNDS in .env or changing the driver in config/hashing.php.
Is it safe to use this tool for real passwords?
Yes. All hashing happens in your browser using the Web Crypto API and CryptoJS. No data is ever sent to our servers. However, we recommend only testing sample passwords — never paste production credentials into any web tool.
What is HMAC and when should I use it?
HMAC (Hash-based Message Authentication Code) adds a secret key to a hash function. It verifies both that data has not been tampered with AND that the sender knows the secret key. Use HMAC for API request signing, webhook verification, and JWT token validation.
Why is bcrypt output different every time?
bcrypt automatically generates a random salt for each hash. The salt is stored as part of the hash output. When verifying, bcrypt extracts the salt from the stored hash and uses it to hash the input password for comparison. This is why Hash::check() works correctly.

Ready to Hash Your Password?

Free, instant, browser-side. No login required.

Open Hash Generator

Advertisement