SHA-256 checksums without uploading the payload
Paste text; get 64-hex SHA-256. Good default for integrity checks you run yourself.
chars: 10
When to use
Verifying downloads you already have as text, or building doc examples — still not a password KDF.
Examples
How it works
crypto.subtle.digest('SHA-256') → hex/Base64 toggle.
Common pitfalls
- Hashing ≠ encryption; digests are one-way but unsalted passwords are still unsafe.
- File hashing needs the same bytes (line endings!).
- HMAC is a different construction.
How this differs
Stronger than MD5/SHA-1 for checksums. UUID/random tools generate IDs, not content hashes.
FAQ
Is hashing encryption?
No.
Password storage?
Still no — use dedicated KDFs.
HMAC?
Out of scope unless a separate control exists.
Related?
SHA-1 / MD5 legacy pages.
Related tools
Runs in your browser. Nothing is uploaded. Not a security product —hashes and JWT decode are for debugging, not password storage or auth advice.