SHA-256 Hash Generator
What is SHA-256?
SHA-256 (Secure Hash Algorithm 256-bit) is part of the SHA-2 family, designed by the NSA and published by NIST in 2001. It produces a 256-bit (64 hex character) digest from any input of any length. SHA-256 is the most widely deployed hash function in the world today.
You encounter SHA-256 constantly, whether you notice it or not:
- TLS/HTTPS — every HTTPS certificate you trust uses SHA-256 for its signature
- Bitcoin — SHA-256 is used twice (SHA-256d) in Bitcoin's proof-of-work and for generating wallet addresses
- Git — modern Git repositories are migrating from SHA-1 to SHA-256 for object identifiers
- JWT tokens — the HS256 algorithm in JSON Web Tokens is HMAC-SHA-256
- Password storage — frameworks like bcrypt and PBKDF2 use SHA-256 as the underlying primitive
- Code signing — app stores verify installer integrity using SHA-256 checksums
How SHA-256 Works
SHA-256 uses the same Merkle–Damgård construction as SHA-1, but with a larger state and more rounds:
- Padding — the message is padded so its length in bits is ≡ 448 (mod 512), then the original 64-bit length is appended, making the total a multiple of 512 bits.
- Block splitting — the padded message is divided into 512-bit (64-byte) blocks.
- Compression — each block is fed into the compression function, which updates a 256-bit state consisting of eight 32-bit words (a–h) initialised to the fractional parts of the square roots of the first eight primes.
- Message schedule — each 512-bit block is expanded from 16 to 64 words using σ (sigma) functions: XOR combinations of right-rotations and right-shifts.
- Rounds — 64 rounds of mixing per block, using bitwise majority (Maj) and choice (Ch) functions plus 64 round constants derived from the cube roots of the first 64 primes.
- Output — the eight final state words are concatenated to form the 64-character hex digest.
The larger state (256 vs 160 bits) and more complex round functions make SHA-256 resistant to both collision and preimage attacks with today's computing power.
Avalanche effect
A single-bit change in the input flips roughly half the output bits. Try it: hash "hello" and "Hello" — the two digests share almost no characters.
SHA Hash Comparison
| Algorithm | Output | Security | Common Uses |
|---|---|---|---|
| SHA-1 | 160-bit / 40 chars | ❌ Deprecated | Legacy systems, Git (legacy) |
| SHA-256 (this tool) | 256-bit / 64 chars | ✅ Current standard | TLS, JWT, Bitcoin, passwords |
| SHA-384 | 384-bit / 96 chars | ✅ High security | TLS 1.3 cipher suites |
| SHA-512 | 512-bit / 128 chars | ✅ Highest in SHA-2 | High-security signatures |
Frequently Asked Questions
Can I reverse a SHA-256 hash?
No. SHA-256 is a one-way function. There is no known algorithm that recovers the original input. Brute-forcing a random 256-bit hash would take more operations than atoms in the observable universe.
Is SHA-256 safe for storing passwords?
Not on its own. Plain SHA-256 is extremely fast, which makes it easy to brute-force millions of guesses per second. Use a slow, salted algorithm like bcrypt, Argon2, or PBKDF2 for passwords. Those algorithms use SHA-256 internally but add salt and tunable work factors.
What is SHA-256d (double SHA-256)?
SHA-256d applies SHA-256 twice: SHA-256(SHA-256(input)). Bitcoin uses this to mitigate length-extension attacks, a weakness inherent in the Merkle–Damgård construction.
How is SHA-256 different from SHA-1?
SHA-1 produces a 160-bit digest and is broken for security use. SHA-256 produces a 256-bit digest, uses 64 rounds (vs 80 shorter ones in SHA-1), and has not been broken. See the SHA-1 tool for more.
Is SHA-256 the same as AES-256?
No. SHA-256 is a hash function (one-way, no key). AES-256 is a symmetric cipher (two-way, requires a key). They are unrelated algorithms that both happen to use 256-bit values.
