Hash functions: checksum vs security
Hashing maps data to a fixed-length digest. The right algorithm depends on your threat model.
Quick reference
- MD5 — legacy checksums only; not for security
- SHA-1 — deprecated for certificates; avoid for new designs
- SHA-256 — general-purpose secure hash for integrity checks
Passwords are different
Never hash passwords with bare SHA-256. Use adaptive algorithms with per-user salt.
Generate digests locally using the Hash Generator.