SHA-256 Generator
SHA-256 of any text or file. 64 hex characters per hash. The modern default for verification, signatures, content addressing, and most other cryptographic uses.
What SHA-256 is for
- File integrity checks — publishers post SHA-256 hashes; users hash the downloaded file and compare. The standard way to verify open-source releases.
- TLS / HTTPS certificates — modern certificates are signed with SHA-256.
- JWT signing (HS256, RS256) — both use SHA-256 internally. See jwt.tooljo.com.
- Bitcoin and most blockchains — SHA-256 is the proof-of-work hash.
- Content addressing — Git's transition, IPFS, content-defined chunking. Same content → same hash, always.
- Anonymising identifiers — hash an email or user ID before logging or sharing.
The math
SHA-256 is one of the SHA-2 family (others: SHA-224, SHA-384, SHA-512). Designed by the NSA in 2001, standardised by NIST in FIPS PUB 180-4. The core operation processes 512-bit chunks through 64 rounds of bit-mixing.
This page uses the browser's
crypto.subtle.digest("SHA-256", bytes) — the same
implementation that powers HTTPS verification in your browser.
Compared to other algorithms
| Algorithm | Output bits | Hex chars | Modern use |
|---|---|---|---|
| MD5 | 128 | 32 | ETags, dedup; broken for security |
| SHA-1 | 160 | 40 | Legacy only (Git internals); avoid for new work |
| SHA-256 | 256 | 64 | Default for new work |
| SHA-384 | 384 | 96 | SHA-512 truncated; less common |
| SHA-512 | 512 | 128 | Faster than SHA-256 on 64-bit hardware |
Want all algorithms at once?
The main tool shows MD5, SHA-1, SHA-256, SHA-384, SHA-512 side-by-side, with the currently-selected one highlighted. Useful when you have a hash but don't know what algorithm produced it.
FAQ
Why SHA-256 specifically?
It's the modern default for cryptographic hashing. Used by Bitcoin, TLS certificates, code signing, JWT (HS256/RS256), Git's transition to SHA-256, and most checksum publishing. Strong against known attacks, broadly supported, fast on modern hardware.
How long is a SHA-256 hash?
256 bits = 32 bytes = 64 hex characters. Or about 44 base64 characters with padding (43 unpadded base64url).
Is SHA-256 reversible?
No. Hash functions are designed to be one-way: given the hash, you cannot recover the input. The only way to find an input that produces a given SHA-256 is to try inputs (brute force), and the search space is 2256 — astronomically larger than the atoms in the observable universe. "Rainbow tables" only work against unsalted, common passwords; long random inputs are not recoverable in practice.
Can I use SHA-256 for password storage?
You shouldn't. SHA-256 is too fast — an attacker who compromises your hash database can try billions of passwords per second on a GPU. Use bcrypt, scrypt, or argon2id instead; those are designed to be intentionally slow. See our guide.
How does this compare to SHA-512?
SHA-512 produces a 512-bit output (vs 256). On 64-bit hardware it's actually faster than SHA-256 because it works in 64-bit words. Security-wise both are considered safe; SHA-512 has more security margin against unknown future attacks. Most systems still default to SHA-256 because the output is a more convenient size.