Privvert - private browser-based file toolsPrivvert

Hash generator

Compute SHA hashes from text or a file.

Or hash a file
Drop a file
any size your browser can read

About this tool

Compute cryptographic hash digests (MD5, SHA-1, SHA-256, SHA-384, SHA-512) of text or files. Hashes are used for verifying file integrity (checksums on downloads), creating quick fingerprints, deduping content, and as building blocks in security systems.

Privvert uses the browser's built-in Web Crypto API for SHA-family algorithms (so they're as fast as any native tool) and a small library for MD5. Everything runs locally - sensitive content never leaves your machine.

Features

  • MD5, SHA-1, SHA-256, SHA-384, SHA-512
  • Hash text or files
  • Hex output (lowercase)
  • Live updating as you type
  • Browser Web Crypto API for SHA
  • Browser-only - content never uploaded
  • Free and unlimited
  • Compares two hashes side-by-side for quick verification

How to use it

  1. Paste text, or drop in a file.
  2. Pick the hash algorithm.
  3. Copy the resulting hex digest.
🔒 100% private

Everything happens inside your browser using JavaScript and WebAssembly. Your files are never uploaded to a server, never stored, and never seen by us.

Frequently asked questions

Are MD5 and SHA-1 secure?

Not for security-critical use - both are vulnerable to collision attacks. They're still fine for non-security uses like file checksums and quick fingerprints. Use SHA-256 or SHA-512 for anything safety-critical.

What's a good algorithm for verifying downloads?

SHA-256 is the modern default. Most projects publish a SHA-256 checksum next to their downloads.

Can I hash a folder?

Hash files individually. There's no standard 'folder hash' - different tools combine file hashes differently.

Why is my hash different from another tool?

Make sure you're hashing the exact same bytes, with the same algorithm and the same encoding. Trailing newlines, BOMs, and CRLF vs LF line endings all change the hash.

Which hash should I use?

SHA-256 is the default modern choice for anything that needs a strong fingerprint. MD5 and SHA-1 are fine for non-security uses like deduplication but are broken for any context where an attacker could craft a collision. SHA-512 is overkill for almost everything outside cryptography.

Is the input text uploaded?

No. Hashes are computed by your browser's native crypto API. The input never leaves the page, so it's safe to hash passwords, API keys or other secrets for verification.