UtilityBase logoUtilityBase

2 min read

MD5 vs SHA-256: Hashing Explained

What a hash function actually does, why MD5 is broken for security, where SHA-256 fits, and the crucial difference between hashing and encryption.

What a hash function does

A hash function takes any input — a word, a file, a gigabyte of video — and produces a fixed-length string called a digest (SHA-256 always outputs 256 bits, or 64 hex characters). Two properties make it useful: it's deterministic (the same input always yields the same digest) and it's one-way (you can't reverse the digest back into the input). Change a single bit of input and the entire digest changes unrecognizably — the 'avalanche effect.'

That makes hashes ideal for fingerprinting: verifying a download wasn't corrupted or tampered with (compare its hash to the published one), detecting duplicate files, or checking whether data changed. A hash is not a password vault or a secret — it's a compact, tamper-evident summary of data.

Why MD5 is broken — and where SHA-256 fits

MD5 produces a 128-bit digest and is fast, but it's cryptographically broken: researchers can deliberately craft two different inputs that produce the same MD5 digest — a 'collision.' That destroys its security value, because an attacker could swap a safe file for a malicious one with a matching hash. MD5 is fine only for non-security uses like a quick checksum against accidental corruption; it must never guard integrity where someone might attack it.

SHA-256 (part of the SHA-2 family) produces a 256-bit digest and has no practical collision attacks, which is why it underpins TLS certificates, software signing, and blockchains. For any security-relevant integrity check, SHA-256 is the sensible default. Note that WebCrypto in browsers deliberately doesn't even ship MD5 or SHA-1 for signing — a quiet nudge toward the algorithms that still hold up.

  1. 1Open the Hash Generator and paste text or drop a file.
  2. 2Compare the MD5, SHA-1, and SHA-256 outputs — note they're different lengths.
  3. 3To verify a download, hash the file and compare against the publisher's posted SHA-256.
  4. 4For authentication codes, add a secret key to switch the outputs to HMAC (keyed hashing).
  5. 5Use SHA-256 for anything security-related; treat MD5 as a corruption checksum only.

Hashing is not encryption

The most important distinction: hashing is one-way and keyless, while encryption is two-way and keyed. You encrypt data to later decrypt it with a key; you hash data precisely because you never want to get the original back. 'Decrypting a hash' isn't a thing — attackers instead guess inputs and compare hashes, which is why password storage adds a random salt and a deliberately slow algorithm (bcrypt, scrypt, Argon2) rather than a plain fast SHA-256.

For verifying that a message came from someone with a shared secret, you don't use a bare hash — you use HMAC, which mixes a secret key into the hashing so only key-holders can produce a valid tag. That's the difference between 'this data is intact' (a hash) and 'this data is intact and from someone who knows the key' (an HMAC). Pick the tool to the job: checksums for corruption, SHA-256 for integrity, HMAC for authenticity, and a slow salted KDF for passwords.

Frequently asked questions

Is MD5 safe to use?

Only for non-security checksums against accidental corruption. MD5 is broken for anything an attacker might target, because deliberate collisions (two inputs with the same hash) are easy to produce. For integrity that matters, use SHA-256.

Can you reverse or decrypt a hash?

No — hashing is one-way by design, so there's no key to reverse it. Attackers instead guess likely inputs and compare hashes. That's why passwords are stored with a random salt and a slow algorithm, so guessing is impractically expensive.

When should I use HMAC instead of a plain hash?

When you need to prove a message came from someone holding a shared secret, not just that it's intact. HMAC mixes a secret key into the hash, so only key-holders can produce a valid tag. A plain hash verifies integrity; HMAC verifies integrity and authenticity.

Tools mentioned in this guide

Keep reading