SHA-256 Hash Generator

Generate SHA-256 hash from any text

Input Text

Runs locally · Safe to paste secrets

SHA-256 Hash

SHA-256 hash will appear here…

Also try:MD5 Hash Generator SHA-1 Hash Generator SHA-384 Hash Generator SHA-512 Hash Generator HMAC Generator Hash Identifier

What Is SHA-256 Hashing?

SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function from the SHA-2 family, published by NIST in 2001 as part of FIPS 180-2 (updated in FIPS 180-4). Given any input — a single character, a multi-gigabyte file, or an empty string — SHA-256 produces a fixed 256-bit (32-byte) digest, conventionally displayed as 64 hexadecimal characters. SHA-256 is the most widely deployed hash function in production systems today, underpinning TLS certificate chains, Bitcoin’s proof-of-work, Subresource Integrity (SRI), and code-signing workflows.

SHA-256 is a one-way function: computing a hash from an input is fast (hundreds of megabytes per second on modern hardware), but reversing the process — finding an input that produces a given hash — is computationally infeasible. This property, called preimage resistance, makes SHA-256 suitable for password hashing (when combined with a salt and key-stretching), digital signatures, and data integrity verification. Unlike MD5 and SHA-1, no collision or preimage attack has been demonstrated against full SHA-256.

The SHA-2 family includes six variants: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256. SHA-256 operates on 32-bit words with 64 rounds per block, optimized for 32-bit processors. SHA-512 uses 64-bit words and 80 rounds, which can be faster on 64-bit platforms. For most applications where a 256-bit digest is sufficient, SHA-256 remains the default recommendation from NIST, IETF, and the CA/Browser Forum.

Why Use an Online SHA-256 Generator?

Generating a SHA-256 hash usually requires a terminal command or a few lines of code. This browser-based tool lets you compute SHA-256 digests without installing anything, switching contexts, or writing a script.

⚡

Instant Hashing in Your Browser

Paste or type any text and get the SHA-256 digest immediately. The Web Crypto API handles the computation natively — no JavaScript library overhead.

🔒

Privacy-First Processing

Your input never leaves your device. All hashing runs locally via the browser’s built-in Web Crypto API. No data is transmitted to any server.

📋

Copy-Ready Output Formats

Get the hash in lowercase or uppercase hex with one click. Useful when matching checksums from package managers, CI pipelines, or documentation.

🔍

Cross-Check Reference Values

Quickly verify SHA-256 digests from download pages, SBOM manifests, or audit logs without opening a terminal or writing throwaway code.

SHA-256 Use Cases

Frontend Developer — Subresource Integrity

Compute the SHA-256 hash of a CDN-hosted script or stylesheet to populate the integrity attribute in script and link tags, protecting against supply-chain tampering.

Backend Engineer — API Request Signing

Many APIs (AWS Signature V4, Stripe webhooks) require SHA-256 hashes of request payloads. Use this tool to compute reference hashes during development and debugging.

DevOps — Artifact Verification

Verify SHA-256 checksums of downloaded binaries, Docker base images, or Terraform provider plugins before deploying to production infrastructure.

QA Engineer — Test Vector Validation

Cross-reference SHA-256 outputs against NIST test vectors (FIPS 180-4 examples) to confirm that your hashing implementation handles edge cases correctly.

Data Engineer — Row-Level Fingerprinting

Hash composite keys or PII fields with SHA-256 to create deterministic, irreversible fingerprints for deduplication or pseudonymization in data pipelines.

Student — Cryptography Coursework

Experiment with SHA-256 to observe the avalanche effect: change a single character in the input and see how the entire 64-character output changes unpredictably.

SHA-2 Family Variants Comparison

SHA-256 belongs to the SHA-2 family defined in FIPS 180-4. Each variant trades off digest size, performance characteristics, and security margin. The table below compares all SHA-2 variants you are likely to encounter.

Variant	Digest Size	Hex Length	Byte Size	Best For
SHA-256	256 bits	64 hex chars	32 bytes	TLS, blockchain, code signing, JWTs, SRI
SHA-224	224 bits	56 hex chars	28 bytes	Truncated SHA-256 — rare, specific compliance
SHA-384	384 bits	96 hex chars	48 bytes	Government / CNSS, higher collision margin
SHA-512	512 bits	128 hex chars	64 bytes	Digital signatures, HMAC with large keys
SHA-512/256	256 bits	64 hex chars	32 bytes	SHA-512 speed on 64-bit CPUs, 256-bit output

SHA-256 vs SHA-1 vs MD5 vs SHA-3

Choosing the right hash algorithm depends on your security requirements and compatibility constraints. SHA-256 occupies the practical sweet spot: it is secure, universally supported (including the Web Crypto API), and fast enough for most workloads. The comparison table below covers the properties that matter most when selecting a hash function.

Property	SHA-256	SHA-1	MD5	SHA-3-256
Digest size	256 bits (64 hex)	160 bits (40 hex)	128 bits (32 hex)	256 bits (64 hex)
Security status	Secure	Broken (2017)	Broken (2004)	Secure
Collision resistance	2^128 operations	Practical attack	Practical attack	2^128 operations
Block size	512 bits	512 bits	512 bits	1600 bits (sponge)
Rounds	64	80	64	24
Standard	FIPS 180-4	FIPS 180-4	RFC 1321	FIPS 202
Web Crypto API	Yes	Yes	No	No
Primary use today	TLS, blockchain, SRI	Legacy git only	Non-security checksums	Backup standard

How SHA-256 Works Internally

SHA-256 processes input in 512-bit (64-byte) blocks through a Merkle–Damgård construction. The algorithm initializes eight 32-bit state words (H0–H7) derived from the fractional parts of the square roots of the first eight primes. Each block passes through 64 rounds of mixing that use bitwise operations (AND, XOR, NOT, right-rotate, right-shift) and 64 round constants derived from the cube roots of the first 64 primes.

Input: "hello world"
SHA-256: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
(256 bits = 32 bytes = 64 hex characters)

Step	Description
Padding	Append a 1-bit, then zeros until the message length is 448 mod 512. Append the original message length as a 64-bit big-endian integer.
Block splitting	Divide the padded message into 512-bit (64-byte) blocks.
Message schedule	Expand each 16-word (32-bit) block into 64 words using sigma functions with right-rotate and right-shift operations.
Compression	Process 64 rounds per block using Ch, Maj, and two Sigma functions with 64 round constants derived from cube roots of the first 64 primes.
Output	Concatenate the eight 32-bit state words (H0-H7) into a 256-bit (32-byte) digest, rendered as 64 hexadecimal characters.

The avalanche effect ensures that flipping a single bit in the input changes approximately 50% of the output bits. This property, combined with 2^128 collision resistance, is why SHA-256 remains the baseline recommendation for security-sensitive applications in 2026.

SHA-256 Code Examples

SHA-256 is available natively in every major language and runtime. The Web Crypto API provides it in browsers without any library. The examples below show real-world usage patterns including Unicode input handling and file hashing.

JavaScript (Web Crypto API)

// Works in all modern browsers and Node.js 18+
async function sha256(text) {
  const data = new TextEncoder().encode(text)
  const hashBuffer = await crypto.subtle.digest('SHA-256', data)
  const hashArray = Array.from(new Uint8Array(hashBuffer))
  return hashArray.map(b => b.toString(16).padStart(2, '0')).join('')
}

await sha256('hello world')
// → "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9"

// Node.js (built-in crypto module)
const crypto = require('crypto')
crypto.createHash('sha256').update('hello world').digest('hex')
// → "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9"

Python

import hashlib

# Basic SHA-256 hash
result = hashlib.sha256(b'hello world').hexdigest()
print(result)  # → "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9"

# Hash a string (encode to bytes first)
text = 'café ☕'
hashlib.sha256(text.encode('utf-8')).hexdigest()
# → "3eb53e00aa1bb4b1e8aab1ab38e56e6b8fb0b20e1cf7e1d19f36e4fad2537445"

# Hash a file in chunks (memory-efficient)
with open('release.tar.gz', 'rb') as f:
    sha = hashlib.sha256()
    for chunk in iter(lambda: f.read(8192), b''):
        sha.update(chunk)
    print(sha.hexdigest())

package main

import (
    "crypto/sha256"
    "fmt"
)

func main() {
    data := []byte("hello world")
    hash := sha256.Sum256(data)
    fmt.Printf("%x\n", hash)
    // → b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
}

CLI (Linux / macOS)

# Using sha256sum (Linux) or shasum (macOS)
echo -n "hello world" | sha256sum
# → b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9  -

# macOS
echo -n "hello world" | shasum -a 256
# → b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9  -

# Verify a file checksum
echo "b94d27b...  myfile.bin" | sha256sum -c
# → myfile.bin: OK

# Using openssl (cross-platform)
echo -n "hello world" | openssl dgst -sha256
# → SHA2-256(stdin)= b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9

Frequently Asked Questions

Is SHA-256 still secure?

Yes. As of 2026, no practical collision, preimage, or second-preimage attack has been found against full SHA-256. NIST, the CA/Browser Forum, and the IETF continue to recommend SHA-256 for TLS certificates, code signing, and digital signatures. The theoretical collision resistance is 2^128 operations, well beyond current computational limits.

What is the difference between SHA-256 and SHA-2?

SHA-2 is the family name for six hash functions: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256. SHA-256 is the most commonly used member. When documentation says "use SHA-2," it almost always means SHA-256 specifically unless a longer digest is required.

Can SHA-256 be reversed or decrypted?

No. SHA-256 is a one-way hash function, not encryption. There is no key and no decryption process. The only way to find the original input is a brute-force or dictionary attack, which is computationally infeasible for sufficiently complex inputs. For short or predictable inputs (like common passwords), precomputed rainbow tables exist, which is why password hashing should always use a salt and a dedicated KDF like bcrypt or Argon2.

How does SHA-256 compare to SHA-3?

SHA-3 (Keccak, FIPS 202) uses a completely different internal structure (sponge construction) than SHA-256 (Merkle–Damgård). Both SHA-256 and SHA-3-256 produce a 256-bit digest and offer equivalent collision resistance. SHA-3 was designed as a backup in case SHA-2 is broken, but SHA-2 remains unbroken. SHA-256 has broader runtime support — notably, the Web Crypto API supports SHA-256 but not SHA-3.

Is SHA-256 suitable for hashing passwords?

Not directly. A raw SHA-256 hash of a password is vulnerable to brute-force and rainbow table attacks because SHA-256 is designed to be fast. For password storage, use a dedicated key derivation function like bcrypt, scrypt, or Argon2id, which add a salt and a configurable work factor to slow down attacks.

Why does Bitcoin use double SHA-256?

Bitcoin computes SHA-256(SHA-256(data)) (known as hash256) for block headers and transaction IDs. The double application guards against length-extension attacks, where an attacker appends data to a message and computes a valid hash without knowing the original input. This is a property of Merkle–Damgård hashes that single-pass SHA-256 does not prevent.

What is Subresource Integrity (SRI) and how does SHA-256 relate to it?

SRI is a W3C specification that lets browsers verify that a fetched resource (script, stylesheet) has not been tampered with. You add an integrity attribute containing a Base64-encoded SHA-256 (or SHA-384/SHA-512) hash of the expected file content. The browser computes the hash of the downloaded file and refuses to execute it if the hashes do not match. SHA-256 is the minimum algorithm supported by SRI.