What is MD5?
MD5 (Message-Digest Algorithm 5) is a hash function created by Ronald Rivest in 1991. It turns any input into a fixed 128-bit value shown as 32 hexadecimal characters. The same input always gives the same hash, but a one-character change gives a completely different result. MD5 is one-way — you cannot turn the hash back into the original text. It is still widely used for fast checksums and fingerprinting, but it is no longer safe for passwords or digital signatures because attackers can create collisions.
Heads-up: MD5 is great for checksums but not secure for passwords or signatures (collisions exist). For security use SHA-256. This tool runs entirely in your browser — your input never leaves your device.
How MD5 works
MD5 turns a message of any length into a fixed 128-bit digest in a few steps:
- Padding — the message is padded so its length is congruent to 448 modulo 512, then the original length is appended, making the total a multiple of 512 bits.
- Blocks — the padded message is split into 512-bit blocks.
- Processing — a 128-bit state (four 32-bit words) is updated by running each block through four rounds of bitwise operations, additions and rotations.
- Output — after the final block, the 128-bit state is written out as 32 hexadecimal characters: the MD5 hash.
Because every input bit is mixed into the state, changing a single character produces a completely different digest (the avalanche effect).
How to use
- Type or paste your text into the input box.
- The MD5 hash is calculated automatically as you type.
- Choose your output encoding (Hex or Base64) if needed.
- Click Copy to copy the digest to your clipboard.
Examples
| Input | MD5 hash |
|---|---|
hello | 5d41402abc4b2a76b9719d911017c592 |
abc | 900150983cd24fb0d6963f7d28e17f72 |
password | 5f4dcc3b5aa765d61d8327deb882cf99 |
(empty string) | d41d8cd98f00b204e9800998ecf8427e |
Options explained
- Output encoding — Show the digest as lowercase or uppercase Hex, or as Base64.
- Input encoding — Choose how your text is read into bytes (UTF-8 by default; UTF-16, Hex, Base64 and many charsets are supported).
- HMAC — Enable HMAC-MD5 and provide a secret key to produce a keyed hash that verifies both integrity and authenticity.
Common uses
- File integrity — compare a file's MD5 against a published checksum to confirm a download is intact.
- Deduplication — find identical files or records by comparing hashes instead of full content.
- Cache keys & ETags — generate a short, stable fingerprint of content.
- Non-security fingerprinting — quickly identify content where collisions are not a threat.
Frequently asked questions
Can an MD5 hash be reversed?
No. MD5 is one-way, not encryption. Short or common inputs can sometimes be found via lookup tables, but the hash itself cannot be mathematically reversed.
Is MD5 secure?
Not for security. MD5 is vulnerable to collisions, so avoid it for passwords, certificates and signatures. It is fine for non-security checksums.
How long is an MD5 hash?
128 bits — 32 hexadecimal characters (or 24 characters in Base64), regardless of input size.
What is HMAC-MD5?
HMAC-MD5 combines MD5 with a secret key to produce a keyed hash that verifies both integrity and authenticity.
MD5 vs SHA-256 — which should I use?
Use MD5 only for fast, non-security checksums. For anything involving security, use SHA-256, which is collision-resistant.