Hash Generator — SHA-256, MD5 and File Integrity Checking Explained

5 min read. By Criply Team

When you download software from the internet, you are trusting that the file you received is exactly what the publisher released — not a modified version with malware injected. One of the key mechanisms for verifying this is a cryptographic hash. If you have ever seen "SHA-256: a3f2e1..." on a download page and wondered what it means, this guide explains it clearly.

What is a hash?

A cryptographic hash function takes an input of any size — a single character, a sentence, or a 10 GB video file — and produces a fixed-length output called a hash, digest, or checksum. The SHA-256 algorithm always produces a 64-character hexadecimal string, regardless of input size.

Three properties make cryptographic hashes useful:

  • Deterministic: the same input always produces the same hash. "hello" always hashes to 2cf24dba... under SHA-256.
  • Avalanche effect: even a tiny change to the input produces a completely different hash. "hello" and "hellO" produce entirely different outputs — there is no relationship between the hashes.
  • One-way: you cannot reconstruct the input from the hash. This makes hashing fundamentally different from encryption.
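The determinism and avalanche properties can be measured directly. This is an added example, not code from the original article or the Criply tool; the function names are illustrative. It flips every single bit of the input in turn (the change from "hello" to "hellO" is one such flip) and counts how many of the 256 output bits change.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    """Return the 64-character hexadecimal SHA-256 digest of data."""
    return hashlib.sha256(data).hexdigest()


def bit_distance(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length digests."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche_profile(message: bytes) -> dict:
    """Flip each input bit once and record how many output bits change."""
    base = hashlib.sha256(message).digest()
    distances = []
    for i in range(len(message) * 8):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)  # toggle exactly one input bit
        digest = hashlib.sha256(bytes(flipped)).digest()
        distances.append(bit_distance(base, digest))
    return {
        "min": min(distances),
        "max": max(distances),
        "mean": sum(distances) / len(distances),
    }


if __name__ == "__main__":
    print(sha256_hex(b"hello"))
    print(sha256_hex(b"hellO"))  # one input bit differs from "hello"
    print(avalanche_profile(b"hello"))
```

A mean close to 128 means each one-bit change flips about half of the output bits, which is why two near-identical inputs give digests with no visible relationship.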

SHA-256 — the current standard

SHA-256 stands for Secure Hash Algorithm 256-bit. It is part of the SHA-2 family, published by NIST in 2001. As of 2026, SHA-256 is considered cryptographically secure — no practical attacks are known against it for most use cases.

SHA-256 is used in:

  • Software distribution: publishers provide SHA-256 hashes of downloadable files so you can verify authenticity
  • Digital signatures: SSL/TLS certificates, code signing, and document signing all hash the content with SHA-256 before signing
  • Bitcoin: the proof-of-work mechanism and transaction IDs both use SHA-256
  • Password storage: raw SHA-256 is not safe for passwords (too fast — use bcrypt or Argon2 instead), but SHA-256 is often used as a component within those systems
  • Data integrity: databases and file systems use SHA-256 checksums to detect accidental corruption

SHA-384 and SHA-512 are larger variants producing 96- and 128-character hashes respectively. They offer more security margin but are slower and unnecessary for most applications.

MD5 — fast but broken

MD5 (Message Digest Algorithm 5) was designed by Ronald Rivest in 1991 and was the dominant hash algorithm through the 1990s and early 2000s. It produces a 32-character hexadecimal hash and was originally considered secure.

MD5 was broken in 2004. Researchers demonstrated a collision attack — the ability to construct two different inputs that produce the same MD5 hash. In 2008, a team used this to create a fraudulent SSL certificate that browsers would trust. The attack has since become practical enough that MD5 is now considered completely broken for security purposes.

What MD5 is still acceptable for:

  • Detecting accidental file corruption (not tampering)
  • Non-cryptographic checksums where security is irrelevant
  • Legacy systems that cannot be immediately updated

What MD5 is NOT safe for:

  • Password storage (never)
  • Verifying file authenticity (use SHA-256)
  • Digital signatures
  • Any context where an attacker could craft malicious input

SHA-1 — also deprecated

SHA-1 produces a 40-character hash and was the web standard before SHA-256. It was theoretically broken in 2005 and practically broken in 2017 when Google's Project Zero demonstrated the first real SHA-1 collision (the SHAttered attack). All major browsers stopped accepting SHA-1 certificates in 2017.

Like MD5, SHA-1 can still be used for non-security checksums but should never be used for anything where security matters.

How to verify a file download

This is the most practical everyday use of hashing. Here's the workflow:

  1. Go to the software publisher's download page. Find the SHA-256 hash listed for the file you want to download. Copy it.
  2. Download the file.
  3. Go to criply.co/security/hash-generator
  4. Click "Hash a file instead" and upload your downloaded file.
  5. Paste the expected hash into the "Compare with expected hash" field.
  6. If it shows ✓ Match — the file is exactly what the publisher released. If it shows ✗ No match — do not use the file.

A mismatch could mean the file was corrupted during download, the download was interrupted and the file is incomplete, or — in rare cases — the file was tampered with between the publisher and you.
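The same check can be scripted locally. This is an added example, not part of the original article or the Criply tool; the function names are illustrative. It hashes the file in chunks, accepts the expected value as a bare hash, a "SHA-256: ..." label or a `sha256sum` output line, and refuses anything that is not a 64-character SHA-256 digest.

```python
import hashlib
import hmac
import re

# A run of exactly 64 hex characters, not embedded in a longer hex string.
_SHA256_RE = re.compile(r"(?<![0-9a-fA-F])[0-9a-fA-F]{64}(?![0-9a-fA-F])")


def sha256_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Hash a file in 1 MiB chunks so a large download never sits in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def normalize_expected(text: str) -> str:
    """Extract the SHA-256 value from pasted text and return it as lowercase hex."""
    match = _SHA256_RE.search(text)
    if match is None:
        # A 32- or 40-character value would be MD5 or SHA-1: refuse, do not compare.
        raise ValueError("no 64-character SHA-256 hex digest in expected value")
    return match.group(0).lower()


def verify_download(path: str, expected: str) -> bool:
    """True only if the file's SHA-256 equals the published value."""
    wanted = normalize_expected(expected)  # validate before hashing the file
    return hmac.compare_digest(sha256_file(path), wanted)


if __name__ == "__main__":
    import sys
    ok = verify_download(sys.argv[1], sys.argv[2])
    print("Match" if ok else "No match: do not use the file")
    sys.exit(0 if ok else 1)
```

A match only proves the file equals the published value, so take that value from the publisher's own HTTPS page or a signed checksum file rather than from the mirror that served the download.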

Password storage — why you should not hash passwords with SHA-256

SHA-256 is fast — a modern GPU can compute billions of SHA-256 hashes per second. For password storage, this is a liability: an attacker with a leaked password database can test billions of common passwords per second until they find a match.

Purpose-built password hashing algorithms like bcrypt, scrypt, and Argon2 are deliberately slow and memory-intensive to make brute-force attacks impractical. They also incorporate salting — adding random data to each password before hashing — so two users with the same password get different stored hashes.

Never store user passwords as SHA-256 hashes. Always use a proper password hashing library for your platform.

Frequently asked questions

Can two different files have the same SHA-256 hash?
Theoretically yes (called a collision), but no practical collision attack against SHA-256 is currently known. The output space is 2^256 possible values — larger than the number of atoms in the observable universe.

Is the hash generated by this tool the same as what Linux commands produce?
Yes. This tool uses the browser's Web Crypto API (crypto.subtle.digest) which implements the same standard SHA algorithms as openssl dgst, sha256sum, and similar command-line tools. Results will match exactly.
