Application Security
Cryptographic Hash Reference
Search hash algorithms by name or use case to get security status, output length, recommended use cases, and attack resistance.
No data is transmitted — everything runs locallyTool
About this tool
Cryptographic Hash Reference
The Cryptographic Hash Reference covers MD5, SHA-1, SHA-256, SHA-3, bcrypt, Argon2id, and HMAC with security status, recommended use cases, and attack resistance.
• Confirm SHA-1 should not be used for digital signatures
• Choose between Argon2id and bcrypt for password storage
• Understand why HMAC-SHA256 is preferred over SHA-256 for message authentication
• Reference SHA-3 vs SHA-2 construction differences for a security architecture decision
Next step
Credential Rotation Gap Calculator — Estimate the backlog created when actual credential rotation lags written policy because each rotation wave carries r...
Open Credential Rotation Gap Calculator →
FAQ
What does this tool tell you?
The Cryptographic Hash Reference covers MD5, SHA-1, SHA-256, SHA-3, bcrypt, Argon2id, and HMAC with security status, recommended use cases, and attack resistance.
What affects the result most?
MD5: broken for security — collisions trivially found, only use for checksums. SHA-1: deprecated since 2017 — SHAttered collision attack published, don't use for signatures. SHA-256: standard for integrity — output length 256 bits, collision-resistant, use for HMAC.
How should I use the result?
Use this tool to orient quickly to the concepts, field names, or values you are about to look up in a full specification or vendor documentation. It summarizes the common cases; the authoritative source remains whichever standard or vendor doc defines the values themselves.
Related tools