What is SHA-256?

SHA-256 is a secure 256-bit cryptographic hash function from the SHA-2 family, widely used for integrity, signatures, and blockchains.

SHA-256 is a cryptographic hash function that produces a 256-bit output, shown as a 64-character hexadecimal string. Part of the SHA-2 family designed by the NSA and published by NIST, it is one of the most widely deployed secure hash functions in the world, trusted for verifying integrity, generating digital signatures, and securing systems like TLS certificates and cryptocurrencies.

Unlike MD5 and SHA-1, SHA-256 has no known practical collision or preimage attacks. Its large output space and robust design make it computationally infeasible to find two inputs with the same hash or to reverse a hash back to its input. This security margin is why it remains the default recommendation for general-purpose cryptographic hashing today.

SHA-256 appears throughout modern infrastructure. It verifies that software downloads and system files have not been tampered with, forms the basis of digital signatures and certificate fingerprints, is the proof-of-work hash behind Bitcoin, and is a component of HMAC-based message authentication and many key-derivation schemes. Its combination of speed and strength suits a broad range of integrity tasks.

One important caveat concerns passwords. SHA-256 is intentionally fast, which is a liability for password storage because attackers can compute billions of guesses per second. Passwords should instead use slow, salted algorithms like bcrypt, scrypt, or Argon2. For everything else — file integrity, signatures, fingerprints — SHA-256 is an excellent, standard choice.

Examples

  • SHA-256 of 'hello' → 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
  • Publishing a file's SHA-256 checksum so users can verify their download
  • The proof-of-work hash securing the Bitcoin blockchain

Frequently asked questions

Free tools for working with SHA-256

Related terms