When a user creates an account on your site, you never store their password as plain text in the database. If you did, a single breach would expose every user's password directly. Hashing is the solution — and it's one of the most fundamental concepts in application security.
This article explains what hashing is, how the major algorithms compare, and what to actually use in your code.
What is Hashing?
Hashing is a one-way transformation that converts any input into a fixed-length string called a hash (or digest). Three properties define a good hash function:
- Deterministic: the same input always produces the same output
- Irreversible: you cannot reconstruct the original input from the hash
- Avalanche effect: a tiny change in the input produces a completely different hash
For example, run "Hello" through SHA-256 and you always get the same result:
SHA-256("Hello") = 185f8db32921bd46d35cc2af78636c3aea7a7b4f19ab4ba82c0dff09b0b43a3
Change one letter — "hello" (lowercase) — and the hash looks completely different. There's no mathematical path from the hash back to "Hello."
MD5, SHA-1, SHA-256, SHA-512: How They Compare
| Algorithm | Output length | Speed | Security |
|---|---|---|---|
| MD5 | 128 bits (32 hex chars) | Very fast | Broken — avoid for security |
| SHA-1 | 160 bits (40 hex chars) | Fast | Broken — avoid for security |
| SHA-256 | 256 bits (64 hex chars) | Moderate | Strong — recommended |
| SHA-512 | 512 bits (128 hex chars) | Slightly slower | Very strong |
Example hashes for "Hello" across algorithms:
MD5 : 8b1a9953c4611296a827abf8c47804d7 SHA-1 : f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0 SHA-256: 185f8db32921bd46d35cc2af78636c3aea7a7b4f19ab4ba82c0dff09b0b43a3
Practical Use Cases
Password Storage
Here's the key insight: SHA-256 is actually a poor choice for storing passwords, even though it's cryptographically strong. The problem is speed — SHA-256 is designed to be fast, which means an attacker with a GPU can try billions of guesses per second against a stolen hash database.
For passwords, use purpose-built slow hashing algorithms: bcrypt, Argon2, or scrypt. They're intentionally slow and include a cost factor you can tune upward as hardware gets faster.
// Node.js — using bcrypt
const bcrypt = require('bcrypt');
// Store password
const hash = await bcrypt.hash('mypassword', 12); // cost factor 12
// Verify password on login
const isMatch = await bcrypt.compare('mypassword', hash); // true
File Integrity Checks
SHA-256 is the standard for verifying downloads. Software distribution sites publish a SHA-256 checksum alongside their downloads — you compute the hash of your downloaded file and compare it to the published value. A match means the file is intact and untampered.
Data Deduplication and Caching
Hashing is an efficient way to detect duplicate content. Instead of comparing two large files byte by byte, you compare their hashes. If the hashes match, the files are identical. Git uses this approach internally — every commit, tree, and blob is identified by its SHA-1 (now transitioning to SHA-256) hash.
Frequently Asked Questions
- What's the difference between hashing and encryption?
- Encryption is reversible — with the right key, you can decrypt the data back to its original form. Hashing is irreversible — there's no key that recovers the original input. Use hashing for passwords and data integrity checks; use encryption (AES, RSA) when you need to recover the original data later. Confusing the two is a common security mistake.
- Is MD5 still safe to use?
- For non-security purposes — checksums to detect accidental corruption, cache keys, or generating unique filenames — MD5 is still fine. For anything security-related (authentication, digital signatures, data integrity against malicious tampering), MD5 is broken and should not be used. Researchers have demonstrated practical collision attacks, meaning two different inputs can be crafted to produce the same MD5 hash. Use SHA-256 or higher instead.
- What is a hash collision?
- A hash collision occurs when two different inputs produce the same hash output. Because hash functions map an infinite input space to a fixed-length output, collisions are theoretically inevitable. What matters is whether collisions can be deliberately engineered. MD5 and SHA-1 are vulnerable to intentional collision attacks. SHA-256 has no known practical collision vulnerabilities — it's considered collision-resistant for current use.
Summary
- Hashing is a one-way, deterministic transformation — the same input always produces the same output, but you can't reverse it
- MD5 and SHA-1 are broken for security purposes — use SHA-256 or SHA-512
- For passwords specifically, use bcrypt, Argon2, or scrypt — not general-purpose hash functions
- SHA-256 is the go-to for file integrity checks and checksums
Want to compute hash values right now? Try these tools:
- Hash Generator — compute MD5, SHA-1, SHA-256, and SHA-512 hashes in your browser
- Password Strength Checker — evaluate how strong a password actually is
- Base64 Encoder — encode binary data to Base64 for safe text transport