How Hash Functions Work: MD5, SHA-1, SHA-256, and When to Use Each

Hash functions are one of the fundamental building blocks of computing. You'll encounter them in password storage, file integrity checks, digital signatures, version control (git uses SHA-1 for commit hashes), and many other places. Here's how they work and what the choice of algorithm actually means.

What a Hash Function Does

A hash function takes an input of any size and produces a fixed-size output — the "hash" or "digest" — that appears random. The same input always produces the same output. Different inputs produce different outputs (with extremely high probability). Changing even one character in the input produces a completely different hash.

Hash functions are one-way: there's no algorithm to reverse the process and recover the input from a hash (for cryptographic hash functions). This is by design.

MD5: Only for Non-Security Uses

MD5 produces a 128-bit (32 hex character) hash. It's fast and widely supported, which made it the default hash for decades. The problem: MD5 is cryptographically broken. Collisions — two different inputs that produce the same hash — can be computed in seconds on modern hardware. This doesn't matter for non-security uses (quick file checksums, uniqueness checks, cache keys) but makes MD5 completely unsuitable for any security-sensitive purpose.

Use MD5 for: quick uniqueness checks, non-security checksums, cache busting, legacy systems that require it.

SHA-1: Deprecated for Security

SHA-1 produces a 160-bit hash. It was the standard security hash for many years — used in SSL certificates, git commits, and digital signatures. Like MD5, SHA-1 is now broken: Google demonstrated practical collision attacks in 2017 (the SHAttered attack). Most certificate authorities stopped issuing SHA-1 certificates in 2016.

Git still uses SHA-1 for commit hashes, but in that context collisions aren't a security threat — the worst a colliding commit would do is cause a repository confusion problem, not an authentication bypass. Git is also transitioning to SHA-256.

SHA-256: The Current Standard

SHA-256 is part of the SHA-2 family. It produces a 256-bit hash and is currently considered secure. No practical collision or preimage attacks are known. It's the standard for TLS certificates, code signing, and most modern cryptographic applications.

SHA-256 is also used as a component in HMAC (Hash-based Message Authentication Code) for message authentication, and in many cryptocurrency proof-of-work algorithms.

SHA-512: Larger for Higher Security Margins

SHA-512 produces a 512-bit hash. It's not meaningfully "more secure" than SHA-256 for most current purposes (both are far beyond what's practically attackable), but it's faster than SHA-256 on 64-bit architectures that can process 64-bit operations natively. Some systems use it for higher security margins against future threats.

Hash Functions vs Password Hashing

A critical distinction: SHA-256 is NOT appropriate for hashing passwords. General-purpose hash functions are designed to be fast. Password hashing requires the opposite — deliberately slow algorithms that make brute-force and dictionary attacks computationally expensive even with modern hardware.

For passwords, use purpose-built functions: bcrypt, Argon2, or scrypt. These have configurable cost parameters that let you make hashing slower as hardware improves.

Generate hashes for any input with our Hash Generator — supports MD5, SHA-1, SHA-256, and SHA-512.