Hash Generator

MD5 is cryptographically broken — collisions can be generated in seconds. However, it's still fine for non-security uses like checksums, cache keys, and deduplication where collision resistance against adversaries isn't required.

Hashing is a one-way function: you cannot recover the input from the output. Encryption is two-way: data can be decrypted with the correct key. Use hashing for verification (passwords, integrity checks), encryption for confidentiality.

Never use raw SHA-256 or MD5 for passwords. Use purpose-built algorithms: Argon2id (recommended), bcrypt, or scrypt. These are deliberately slow and include salt to resist brute-force and rainbow table attacks.

A salt is random data added to the input before hashing. It ensures that identical inputs produce different hashes, preventing rainbow table attacks and making brute-force attacks much harder.

Generate a hash (SHA-256 recommended) of the downloaded file and compare it to the hash published by the source. If they match, the file hasn't been tampered with or corrupted during transfer.