What is Hashing? Complete Guide with Examples

3 min readsecurity

Hashing is the process of converting input data of any size into a fixed-size output (hash or digest) using a mathematical function. Cryptographic hash functions are one-way (can't be reversed), deterministic (same input always produces same output), and collision-resistant (practically impossible to find two inputs with the same hash). Common algorithms include MD5 (128-bit, broken), SHA-256 (256-bit, secure), and bcrypt/Argon2 (password-specific, intentionally slow).

Try It Yourself

Use our free Hash Generator to experiment with hashing.

How Does Hashing Work?

Hash functions process input through mathematical operations (bitwise operations, modular arithmetic, substitution boxes) to produce a fixed-size output. SHA-256 processes data in 512-bit blocks through 64 rounds of operations, producing a 256-bit digest. The avalanche effect ensures that even a single bit change in input produces a completely different hash. Password hashing algorithms (bcrypt, Argon2) add a random salt and use intentionally slow computation (key stretching) to make brute-force attacks impractical.

Key Features

  • Multiple algorithm support: MD5, SHA-1, SHA-256, SHA-512, bcrypt, Argon2
  • Hex and Base64 output format options for different use cases
  • HMAC (Hash-based Message Authentication Code) support for keyed hashing
  • File hash calculation for integrity verification of downloads and transfers
  • Salt generation and application for password hashing best practices

Common Use Cases

Password Storage

Databases store bcrypt/Argon2 hashes of passwords, not plaintext. During login, the entered password is hashed and compared to the stored hash. Even if the database is breached, passwords aren't exposed.

Data Integrity Verification

Software downloads include SHA-256 checksums. After downloading, users hash the file and compare to the published checksum to verify the file wasn't corrupted or tampered with during transfer.

Digital Signatures

Digital signatures hash the document first, then encrypt the hash with a private key. The recipient decrypts with the public key and compares hashes to verify authenticity and integrity.

Frequently Asked Questions

Related Guides

Related Tools