Hash Functions Explained: MD5, SHA-1, SHA-256, and When to Use Each

1 6 107
calendar_todayschedule4 min read

Hash functions are one of those foundational computing concepts that show up everywhere — file integrity checks, password storage, digital signatures, API authentication, blockchain — but the choice of which hash to use is often made without understanding what actually differs between them.

Let me explain the practical differences clearly.

What a Hash Function Does

A hash function takes an input of any length and returns a fixed-length output (the "hash" or "digest"). The key properties:

  1. Deterministic — the same input always produces the same output
  2. One-way — you cannot reverse the hash to recover the original input
  3. Avalanche effect — changing one character in the input completely changes the output
  4. Collision resistant — two different inputs should not produce the same hash (though collisions are mathematically possible)

The output length and collision resistance are what differ between algorithms.

The Main Algorithms

MD5 (128-bit output, 32 hex characters)

MD5 produces a 128-bit digest, displayed as 32 hex characters:

``

md5("hello") = 5d41402abc4b2a76b9719d911017c592

`

Status: Cryptographically broken. Collisions (two different inputs with the same hash) can be generated in seconds. MD5 is no longer suitable for any security-sensitive use case.

Still used for: Non-security checksums — verifying a file download wasn't corrupted in transit (corruption is accidental, not adversarial). Some legacy systems and database deduplication where collision attacks are not a concern.

Never use for: Password hashing, digital signatures, certificate fingerprinting, or any context where an attacker could craft a collision.

SHA-1 (160-bit output, 40 hex characters)

<code> <p>sha1("hello") = aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d</p> </code>

Status: Deprecated. Google demonstrated a practical SHA-1 collision attack in 2017 ("SHAttered"). Most certificate authorities stopped issuing SHA-1 certificates years ago, and major browsers no longer accept them.

Still used for: Git commit hashes (Git uses SHA-1 internally for object IDs — collision resistance for Git's use case is sufficient but Git is slowly migrating to SHA-256). Legacy systems.

Never use for: TLS certificates, code signing, password hashing, or anything security-critical.

SHA-256 (256-bit output, 64 hex characters)

<code> <p>sha256("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824</p> </code>

Status: Current standard. Use this for most things.

SHA-256 is part of the SHA-2 family and has no known practical vulnerabilities. It's used in:

  • TLS certificates (HTTPS)
  • Code signing
  • JWT signatures (HS256, RS256)
  • Bitcoin blockchain
  • HMAC authentication (HMAC-SHA256)
  • File integrity verification

When to use it: Any time you need a secure cryptographic hash for production use and don't have a specific reason to choose otherwise.

SHA-512 (512-bit output, 128 hex characters)

SHA-512 produces a longer digest and is slightly faster than SHA-256 on 64-bit processors for large inputs, due to its 64-bit word operations. The practical difference in security is negligible for most applications — both are currently unbroken.

Use when: You need a longer digest for protocol compatibility, or you're hashing very large files and can benchmark a performance difference.

SHA-3 (variable output)

SHA-3 (Keccak) is NIST's third-generation hash standard, with a fundamentally different internal structure from SHA-2. It's not faster than SHA-256 in most cases, but its different construction provides defence-in-depth if a theoretical attack on SHA-2's Merkle–Damgård structure were discovered.

Use when: Your threat model specifically requires defence against SHA-2 structural attacks, or a protocol requires SHA-3.

What Not to Use for Password Hashing

None of the above algorithms — including SHA-256 — should be used directly for storing passwords. They're all too fast.

An attacker with a GPU can compute billions of SHA-256 hashes per second, making dictionary and brute-force attacks trivial against a database of hashed passwords.

Use purpose-built password hashing algorithms instead:

  • bcrypt — deliberately slow, work factor adjustable
  • Argon2 — NIST recommended, resistant to GPU attacks, won the Password Hashing Competition
  • scrypt — memory-hard, makes GPU attacks expensive

These algorithms are specifically designed to be slow and computationally expensive, so brute-forcing a leaked password database takes years rather than hours.

Practical Verification Example

When you download software from the internet, many sites provide a SHA-256 hash of the file. After downloading, you verify it locally:

`bash
Linux / macOS
sha256sum downloaded-file.zip

macOS alternative

shasum -a 256 downloaded-file.zip

Windows PowerShell

Get-FileHash downloaded-file.zip -Algorithm SHA256

``

If the output matches the hash on the download page, the file arrived intact and unmodified.

Quick Reference

| Algorithm | Output Length | Security Status | Use For |

|-----------|--------------|----------------|---------|

| MD5 | 32 hex chars | Broken | Non-security checksums only |

| SHA-1 | 40 hex chars | Deprecated | Legacy only, avoid |

| SHA-256 | 64 hex chars | Secure | General purpose — use this |

| SHA-512 | 128 hex chars | Secure | Large files, protocol-specific |

| SHA-3 | Variable | Secure | Defence-in-depth, protocol-specific |


Need to generate or verify a hash in the browser? The Hash Generator supports MD5, SHA-1, SHA-256, SHA-384, and SHA-512 — runs entirely client-side, your input never leaves the browser. Useful for quick checksums and learning how different algorithms handle the same input.

🔥 Join developers growing publicly
Share your knowledge, build in public, and grow your developer presence with a global community.

More Posts

I’m a Senior Dev and I’ve Forgotten How to Think Without a Prompt

Karol Modelskiverified - Mar 19

TypeScript Complexity Has Finally Reached the Point of Total Absurdity

Karol Modelskiverified - Apr 23

Hash Functions Explained: MD5, SHA-1, SHA-256, and When to Use Each

SnappyTools - Jun 9

What Is SARIF and How Does It Help Security Tools Work Together?

Ganesh Kumar - Jul 4

MD5, SHA-1, SHA-256: What Hash Functions Actually Do

SnappyTools - May 13
chevron_left
2.4k Points114 Badges
101Posts
0Comments
SnappyTools builds free, fast, browser-based tools for developers, writers, and designers. No signup... Show more

Related Jobs

View all jobs →

Commenters (This Week)

1 comment
1 comment

Contribute meaningful comments to climb the leaderboard and earn badges!