SHA-256 Hashing Explained: What It Is and When to Use It
SHA-256 is one of the most widely used cryptographic hash functions. Learn how it works, what it is used for, and when it is the right tool for the job.
SHA-256 is one of the most important cryptographic tools in modern computing. It secures Bitcoin transactions, verifies software downloads, stores passwords (as part of a larger system), and underpins HTTPS certificates. Yet most people who use applications that rely on SHA-256 have never heard of it, let alone understood what it does.
This guide explains SHA-256 clearly, without requiring a background in mathematics or cryptography.
What Is a Hash Function?
A hash function is a mathematical process that takes an input of any size and produces a fixed-size output called a hash (also called a digest or checksum). The output always has the same length regardless of the input size.
SHA-256 (Secure Hash Algorithm 256-bit) produces a 256-bit output, which is typically displayed as a 64-character hexadecimal string.
Examples:
-
Input:
hello -
SHA-256:
2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824 -
Input:
hello world -
SHA-256:
b94d27b9934d3e08a52e52d7da7dabfac484efe04294e576f3b4abf56a38a95b
Note that even though "hello" and "hello world" differ by only 6 characters, their hashes share almost no resemblance. This property is intentional and important.
The Core Properties of SHA-256
Deterministic. The same input always produces the same output. Give SHA-256 the word "hello" a billion times and it returns the same 64-character string every time.
Fixed output size. Whether you hash a single character or a 10 GB file, the output is always 64 hexadecimal characters (256 bits).
Avalanche effect. A tiny change to the input produces a completely different output. Changing a single character completely transforms the hash. This makes it impossible to "reverse-engineer" the input from small variations in the output.
Pre-image resistance. Given a hash, it is computationally infeasible to figure out what input produced it. You cannot reverse SHA-256. This is what makes it "one-way."
Collision resistance. It is computationally infeasible to find two different inputs that produce the same hash. Collisions theoretically exist (there are infinite possible inputs but only 2^256 possible outputs), but finding one is effectively impossible with current technology.
What SHA-256 Is Used For
File Integrity Verification
When you download software from the internet, the developer often publishes a SHA-256 checksum alongside the download. After downloading the file, you compute its SHA-256 hash and compare it to the published value. If they match, the file is identical to what the developer published and has not been tampered with.
This protects against man-in-the-middle attacks where a malicious party replaces the file mid-download, and against corrupted downloads where the file was damaged in transit.
Password Storage
Web applications do not (and should not) store your actual password. Instead, they hash the password before storing it. When you log in, the application hashes the password you enter and compares it to the stored hash. If they match, you are authenticated.
Blockchain and Cryptocurrency
Bitcoin and most cryptocurrencies use SHA-256 as their core cryptographic primitive. Each block in the Bitcoin blockchain contains the SHA-256 hash of the previous block, forming a chain where altering any historical block would invalidate all subsequent blocks. The SHA-256 proof-of-work algorithm requires miners to find an input whose hash starts with a certain number of zeros, which requires enormous computational effort and makes the blockchain practically immutable.
Digital Signatures and Certificates
HTTPS certificates (the ones that make the padlock appear in your browser) use SHA-256 as part of their digital signature scheme. When you connect to a website over HTTPS, your browser verifies a certificate signed with a SHA-256 hash to confirm you are talking to the real server and not an impersonator.
Message Authentication Codes (HMAC)
HMAC-SHA256 is a construction that combines SHA-256 with a secret key to create a message authentication code. This is used in API authentication: the client and server share a secret key, and the client signs each API request with HMAC-SHA256. The server can verify the signature without the key being transmitted.
SHA-256 vs. Other Hash Functions
| Hash function | Output size | Status | Common use |
|---|---|---|---|
| MD5 | 128 bits | Broken (collisions found) | Legacy checksums only |
| SHA-1 | 160 bits | Weakened | Being phased out |
| SHA-256 | 256 bits | Secure | General purpose |
| SHA-512 | 512 bits | Secure | When 256 bits is insufficient |
| SHA-3/Keccak | Variable | Secure | Alternative to SHA-2 family |
| bcrypt | 60 chars | Secure, slow | Password storage |
MD5 and SHA-1 should not be used for security-critical applications. Collisions have been demonstrated for both. For any new application, SHA-256 is the minimum recommended standard, and SHA-512 is appropriate when you need a larger security margin.
When NOT to Use SHA-256
SHA-256 is not the right tool for every problem:
- Storing passwords — use bcrypt, Argon2, or scrypt instead
- Encrypting data — hashing is not encryption; use AES for encryption
- Generating random values — use a cryptographically secure random number generator
SHA-256 is a one-way function for verifying integrity and authenticity, not for protecting confidentiality.
Generate a SHA-256 Hash
You can hash any string or file locally in your browser. The computation happens client-side using the Web Crypto API, so your input never leaves your device.