Converter Web ToolsConverter WebTools

MD4 Hash

Generate a MD4 hash from any text instantly. Everything is computed in your browser, so your input never leaves your device.

Input
Output
Share Link
Settings
Hash

What is MD4?

MD4 is a cryptographic hash function from the MD family that produces a 128-bit (32-character hexadecimal) digest and is now considered cryptographically broken due to collision vulnerabilities discovered since 2007. This free online MD4 Hash Generator tool runs entirely in your browser, processes text instantly without uploading to any server, requires no sign-up or account, and generates the complete MD4 hash output for any input string. While MD4 remains in limited legacy use for Windows NTLM authentication and some file-sharing protocols, it should not be used for security-critical applications.

How MD4 works

The MD4 algorithm processes input text through three rounds of 16 operations each (48 operations total), using a 512-bit block size and different nonlinear functions per round. The hash function transforms any input of any length into a fixed 128-bit output represented as a hexadecimal string.

How it works step-by-step:

  1. The input text is preprocessed with padding to ensure it fits into 512-bit blocks
  2. Four 32-bit state variables (A, B, C, D) are initialized with fixed constants
  3. The three rounds of operations modify these variables using bitwise operations, additions, and constants
  4. The final state values are concatenated and converted to hexadecimal to produce the 32-character digest

Example: The input text "Hello" generates the MD4 hash aa0b5c65b4c0c96dd3f7c47dd3c19f9e (a unique 32-character fingerprint). Different input text produces completely different output, and the same input always produces the identical hash.

How to use

  1. Type or paste your text into the input box.
  2. The MD4 hash is calculated automatically as you type.
  3. Choose your output encoding (Hex or Base64) if needed.
  4. Click Copy to copy the digest to your clipboard.

Common uses

  • Legacy Windows NTLM authentication verification for system password checks and network authentication
  • File integrity checking in older peer-to-peer networks and legacy file-sharing protocols
  • Learning and educational purposes to understand how cryptographic hash functions operate
  • Verifying legacy checksums for old backup files or archived systems that used MD4 historically
  • Testing and compatibility purposes in systems that must interact with legacy MD4-based authentication systems
  • Quick fingerprinting of data where cryptographic strength is not required

Frequently asked questions

Is MD4 secure for passwords?
No. MD4 is cryptographically broken and should never be used for password storage or security-critical applications. Collision attacks can generate different inputs with the same hash in less than two operations. Use MD5, SHA-1, or modern algorithms like SHA-256 and bcrypt instead.
Can I reverse an MD4 hash back to the original text?
No. MD4 is a one-way cryptographic function. The hash cannot be reversed to recover the original input. Hashes are deterministic but not reversible, though brute-force or rainbow table attacks may reveal weak/simple inputs.
What is the output size of MD4?
MD4 always produces a 128-bit digest, displayed as a 32-character hexadecimal string (each character represents 4 bits). Regardless of input size, the output is always exactly 32 hex characters.
Is my data uploaded to a server?
No. This MD4 Hash Generator runs entirely in your browser using JavaScript. Your text is processed locally on your device and nothing is sent to any server, ensuring complete privacy.
Why is MD4 still used if it is broken?
MD4 remains in use mainly for Windows NTLM authentication, legacy systems, and some peer-to-peer protocols where changing it would break compatibility. It should not be adopted for new projects.
Can two different inputs produce the same MD4 hash?
Yes, but extremely rarely by accident. MD4 is designed to minimize collisions, though researchers have found practical collision attacks since 2007. For cryptographic purposes, this is a major weakness.