SHA-1 Hash Generator (Insecure)
Online calculator for the broken SHA-1 hash algorithm.
Your Security Matters: Client-Side Processing
- All operations happen in your browser.
- Your data, images, files, keys, or passwords are never stored or sent to our servers.
- We don't track or monitor your generated content.
What is SHA-1? (And Why Is It Insecure?)
SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function, published in 1995. It takes an input and produces a **160-bit** digest, which is represented as a **40-character hexadecimal string**.
WARNING: SHA-1 IS INSECURE AND BROKEN.
This tool is provided for educational purposes and for verifying legacy checksums only. **You should NEVER use SHA-1 for any new security application.**
Why is SHA-1 broken?
A hash function's security relies on "collision resistance"—it should be practically impossible to find two different inputs that produce the same hash.
- In 2017, Google announced the **"SHAttered" attack**, the first practical, public demonstration of a **SHA-1 collision**.
- They were able to create two different PDF files that produced the *exact same* SHA-1 hash.
- This attack proves that SHA-1 can no longer be trusted for data integrity, digital signatures, or password storage. An attacker who prepares both files in advance can create a malicious file (like a fake contract) that has the same hash as a legitimate-looking one.
- Verifying Old Checksums: Its only valid use today is to verify the integrity of old files from software repositories that still list a SHA-1 hash.
- Non-Cryptographic Use: It is still used by version control systems like **Git** to identify commits and objects. This is *not* a security use; it's an identifier. Even so, Git is actively transitioning away from it.
SHA-1 Key Concepts & Warnings
DO NOT USE FOR SECURITY
This cannot be stated enough. Do not use SHA-1 for password hashing, digital certificates, or any system that requires cryptographic security. It is broken. Use **SHA-256** or **SHA-512** instead. All major browsers (Chrome, Firefox, etc.) have deprecated it.
What is a Collision Attack?
A "collision" is finding two different inputs, A and B, such that hash(A) == hash(B). The "SHAttered" attack proved this is now cheap and practical to do for SHA-1. This means a bad actor could get you to "sign" a safe document, but then swap it with a malicious one that has the same hash.
Why Does Git Still Use SHA-1?
Git uses SHA-1 as a unique ID for commits and data objects, not as a security feature against a malicious attacker. It's used to check for *accidental* data corruption. However, because of the risk of collisions, the Git project is actively transitioning to SHA-256 as its internal hash function.
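How Git derives these identifiers, as an added example (not code from this page or from the Git project). The function names are hypothetical. The code assumes Git's object layout, a `<type> <size>` header ending in a NUL byte followed by the content, and the sample input is constructed.

```python
import hashlib

# Object formats Git can use for IDs, mapped to hashlib algorithm names.
OBJECT_FORMATS = {"sha1": "sha1", "sha256": "sha256"}


def git_object_id(obj_type: bytes, content: bytes, object_format: str = "sha1") -> str:
    """Return the hex object ID Git derives for an object of the given type.

    Git does not hash the raw content. It hashes a header made of the object
    type, a space, the decimal content length and a NUL byte, followed by the
    content, so the ID differs from a plain digest of the same bytes.
    """
    if object_format not in OBJECT_FORMATS:
        raise ValueError(f"unsupported object format: {object_format!r}")
    header = obj_type + b" " + str(len(content)).encode("ascii") + b"\x00"
    return hashlib.new(OBJECT_FORMATS[object_format], header + content).hexdigest()


def git_blob_id(content: bytes, object_format: str = "sha1") -> str:
    """Object ID of a blob (file contents), as `git hash-object` reports it."""
    return git_object_id(b"blob", content, object_format)


if __name__ == "__main__":
    sample = b"hello world\n"  # constructed sample input
    print("plain SHA-1     :", hashlib.sha1(sample).hexdigest())
    print("git blob, sha1  :", git_blob_id(sample))
    print("git blob, sha256:", git_blob_id(sample, "sha256"))
```

The SHA-1 and SHA-256 IDs of the same content have different lengths (40 and 64 hex characters), which is why a repository uses one object format throughout.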