Text

MD5 Hash Generator

Calculate the MD5 hash of any string instantly in your browser. Widely used for file integrity checks, but not recommended for security purposes due to proven collision attacks.

MD5

Tips

MD5 is a 128-bit hash function designed by Ronald Rivest in 1991. A collision attack (producing the same hash from different inputs) was demonstrated in 2004, making it unsuitable for any security-sensitive use.
MD5 is still widely used for file integrity checks — comparing the MD5 value published by a distributor with the one you calculate locally lets you detect accidental corruption (not malicious tampering).
Using MD5 to store passwords is extremely dangerous. Modern GPUs can compute MD5 billions of times per second, cracking short passwords almost instantly.
MD5 always outputs 128 bits (32 hexadecimal characters), regardless of the length of the input.
For storing passwords, use dedicated algorithms like BCrypt or Argon2 that are intentionally slow.

Side Note — The Inventor of MD5 and the Trajectory of a "Broken" Algorithm

MD5 (Message Digest Algorithm 5) was designed in 1991 by cryptographer Ronald Rivest (the "R" in RSA). It was widely adopted as a secure hash function, but design weaknesses were flagged in 1996, and in 2004 Chinese cryptographer Xiaoyun Wang and colleagues demonstrated a successful collision attack, sealing its retirement from security use.

In 2008, researchers reported the creation of a fraudulent SSL certificate exploiting MD5 collisions — forging a certificate with the same MD5 hash as a legitimate CA signature to enable man-in-the-middle attacks. This prompted major browsers and CAs to phase out MD5 in certificates entirely.

Today, MD5 survives primarily in non-security checksums. Verifying that a large file arrived intact after transfer — detecting accidental corruption rather than deliberate tampering — is a use case where MD5 still works perfectly well.