Application Security
Cryptographic Hash Reference
Search hash algorithms by name or use case to get security status, output length, recommended use cases, and attack resistance.
Calculations run locally in your browserTool
About this tool
Cryptographic Hash Reference
The Cryptographic Hash Reference covers MD5, SHA-1, SHA-256, SHA-3, bcrypt, Argon2id, and HMAC with security status, recommended use cases, and attack resistance.
• Confirm SHA-1 should not be used for digital signatures
• Choose between Argon2id and bcrypt for password storage
• Understand why HMAC-SHA256 is preferred over SHA-256 for message authentication
• Reference SHA-3 vs SHA-2 construction differences for a security architecture decision
Next step
Credential Rotation Gap Calculator — Estimate the backlog created when actual credential rotation lags written policy because each rotation wave carries r...
Open Credential Rotation Gap Calculator →
FAQ
What does this tool tell you?
The Cryptographic Hash Reference covers MD5, SHA-1, SHA-256, SHA-3, bcrypt, Argon2id, and HMAC with security status, recommended use cases, and attack resistance.
What affects the result most?
MD5: broken for security — collisions trivially found, only use for checksums. SHA-1: deprecated since 2017 — SHAttered collision attack published, don't use for signatures. SHA-256: standard for integrity — output length 256 bits, collision-resistant, use for HMAC.
How should I use the result?
Use this tool to orient quickly to the concepts, field names, or values you are about to look up in a full specification or vendor documentation. It summarizes the common cases; the authoritative source remains whichever standard or vendor doc defines the values themselves.
Related tools