MD5 Hash Generator — Generate MD5 Checksums Online
MD5 generates a 128-bit hash fingerprint used for file integrity checking and checksums. Here's how to generate MD5 hashes, when MD5 is appropriate, and why you should use...
MD5 generates a 128-bit (32 hexadecimal character) hash of any input. It’s fast, widely available, and still used for non-security purposes like file checksums and data deduplication — despite being cryptographically broken for security applications.
Use the Hash Generator to generate MD5, SHA-256, SHA-512, and other hashes in your browser.
What MD5 produces
Input: "Hello, World!"
MD5: 65a8e27d8879283831b664bd8b7f0ad4
Input: "Hello, World" (no exclamation)
MD5: 82bb74cacd96100952f1aa03c2aced84Always 32 hexadecimal characters (128 bits), regardless of input size.
How to generate MD5
Online
- Open the Hash Generator
- Type or paste text in the input
- Select MD5 as the algorithm
- Copy the hash output
JavaScript (Node.js)
const crypto = require('crypto');
// Text hash:
const hash = crypto.createHash('md5')
.update('Hello, World!')
.digest('hex');
console.log(hash); // "65a8e27d8879283831b664bd8b7f0ad4"
// File hash:
const fs = require('fs');
const fileHash = crypto.createHash('md5')
.update(fs.readFileSync('file.txt'))
.digest('hex');Python
import hashlib
# Text:
hash_value = hashlib.md5(b'Hello, World!').hexdigest()
print(hash_value) # "65a8e27d8879283831b664bd8b7f0ad4"
# File (memory-efficient for large files):
def md5_file(filepath):
h = hashlib.md5()
with open(filepath, 'rb') as f:
for chunk in iter(lambda: f.read(8192), b''):
h.update(chunk)
return h.hexdigest()
print(md5_file('document.pdf'))Command line
# Linux:
echo -n "Hello, World!" | md5sum
# 65a8e27d8879283831b664bd8b7f0ad4 -
# File:
md5sum filename.txt
# macOS:
md5 filename.txt
echo -n "Hello, World!" | md5
# Windows PowerShell:
Get-FileHash -Algorithm MD5 filename.txtWhen MD5 is appropriate
MD5 is still appropriate for non-security use cases:
File integrity (non-adversarial): Verifying a file wasn’t corrupted during download or transfer. If both sides compute the same MD5, the file is intact. This assumes no malicious actor is trying to forge a matching hash.
Data deduplication: Comparing files by hash to find duplicates. MD5 is fast and produces a compact fingerprint. Collision attacks don’t matter here — if two files happen to hash the same (extremely rare in practice), the deduplication software would still identify them as potential duplicates.
Database record fingerprinting: Hashing a record’s content to detect changes. If MD5 matches the cached value, the record is unchanged.
Non-security caching keys: Using MD5 as a cache key for computed results (where the input content determines the key).
Legacy system compatibility: Older systems that only support MD5 for their existing checksum verification workflows.
When NOT to use MD5
MD5 is cryptographically broken for:
Password hashing: MD5 can hash 10+ billion passwords per second on commodity hardware. This makes dictionary attacks on MD5-hashed passwords trivial. Use bcrypt, Argon2, or scrypt instead.
Digital signatures: MD5 is vulnerable to chosen-prefix collision attacks — attackers can craft two different documents with the same MD5 hash. This means an MD5-signed document can be replaced with a malicious document with the same signature. Use SHA-256 or SHA-384 for signatures.
Message authentication (HMAC-MD5): While HMAC-MD5 is less obviously broken than raw MD5, SHA-256 is the current standard for HMAC. No new system should use HMAC-MD5.
TLS/SSL certificates: MD5 certificates were deprecated in 2008 after attacks were demonstrated. All modern CAs use SHA-256.
MD5 collision attacks explained
A collision is two different inputs that produce the same hash. MD5 collisions can be computed:
- 2004: Wang and Yu demonstrated MD5 collision attacks
- 2008: Researchers created two different X.509 certificates with the same MD5 hash
- Modern: MD5 collisions can be computed in seconds on a laptop
This breaks any security property that relies on “different data = different hash.” For checksums where you control both sides and no attacker is involved, MD5 is still technically functional — collisions just don’t matter there.
MD5 vs SHA-256 comparison
| Property | MD5 | SHA-256 |
|---|---|---|
| Output size | 128 bits (32 hex chars) | 256 bits (64 hex chars) |
| Speed | ~600MB/s | ~300MB/s |
| Collision resistance | Broken | Strong |
| Pre-image resistance | Not broken | Strong |
| Use for passwords | Never | Never (use bcrypt/Argon2) |
| Use for file checksums | Acceptable | Better choice |
| Use for security | No | Yes |
For new systems, always use SHA-256 or stronger. The speed difference is insignificant for most applications, and SHA-256’s security properties are sound.
Related tools
- Hash Generator — generate MD5, SHA-256, and other hashes
- MD5 Is Dead — why to migrate away from MD5
- SHA-256 Hash Generator — the secure alternative
Related posts
- MD5 Is Dead. Use These Instead. — MD5 was broken in 2004 and is trivially cracked for passwords. Here's what to us…
- bcrypt Password Hashing — Why You Should Use bcrypt and How to Implement It — bcrypt is the standard password hashing algorithm for web applications. Learn wh…
- File Integrity Verification with Checksums — SHA-256 and MD5 — Verify file integrity using SHA-256 and MD5 checksums. Learn how to generate and…
- SHA-256 Hash Generator — Hash Text and Files with SHA-256 — SHA-256 produces a 256-bit fingerprint of any input. It's the standard for passw…
Related tool
Generate MD5, SHA-1, SHA-256, and SHA-512 hashes client-side.
Written by Mian Ali Khalid. Part of the Encoding & Crypto pillar.