What hash types can this tool identify?

This tool identifies MD5 (32 hex chars), SHA-1 (40 hex chars), SHA-256 (64 hex chars), SHA-384 (96 hex chars), SHA-512 (128 hex chars), bcrypt ($2a$/$2b$/$2y$), argon2 ($argon2id$/$argon2i$/$argon2d$), scrypt ($scrypt$), SHA-256 crypt ($5$), SHA-512 crypt ($6$), NTLM (32 hex chars, uppercase pattern), and MySQL hashes (*hex format).

How does hash identification work?

Hash identification uses a combination of pattern matching techniques: checking the string length (e.g., 32 hex chars suggests MD5), looking for known prefixes ($2b$ for bcrypt), analyzing the character set (hex-only vs base64), and evaluating structural patterns. Multiple algorithms may match — the tool ranks them by likelihood.

Why is MD5 considered insecure?

MD5 produces a 128-bit hash that can be brute-forced at billions of attempts per second on modern GPUs. It's also vulnerable to collision attacks, meaning two different inputs can produce the same hash. For password hashing, use bcrypt, scrypt, or argon2 which are designed to be slow and memory-hard.

What's the difference between hashing and encryption?

Hashing is a one-way function — you can't recover the original input from a hash. Encryption is two-way — encrypted data can be decrypted with the right key. Passwords should be hashed (not encrypted) because you only need to verify them, never recover them.

Can this tool crack hashes?

No. This tool only identifies the hash algorithm — it doesn't attempt to crack or reverse the hash. Identifying the algorithm is the first step in understanding whether your hashing strategy is secure and choosing the right approach if you need to audit password strength.

Free Hash Identifier

Identify any hash type from its format and length

Paste any hash string to identify its algorithm. This tool analyzes the hash length, character set, and common prefixes to determine whether it's MD5, SHA-1, SHA-256, SHA-512, bcrypt, argon2, scrypt, NTLM, or another format — with confidence ratings and security recommendations.

Trusted by teams at

How it works

How Hash Identifier works

Paste your hash

Paste any hash value — from a database dump, password file, forensic image, or application log. Supports all common hash formats including salted and prefixed variants.

Pattern analysis

The tool examines the hash's length, character set, and structural patterns (like bcrypt's $2b$ prefix or argon2's $argon2id$ prefix) to narrow down the algorithm.

Get identification results

Receive a ranked list of possible algorithms with confidence levels, security assessment of the hash type, and recommendations for migration if it's a weak algorithm.

Features

What Hash Identifier checks

Detect 10+ hash algorithms

Identifies MD5, SHA-1, SHA-256, SHA-384, SHA-512, bcrypt, scrypt, argon2 (id/i/d), NTLM, and MySQL hashes based on length, encoding, and prefix patterns.

Recognize salted and prefixed hashes

Correctly identifies modular crypt format hashes like $2b$ (bcrypt), $6$ (SHA-512 crypt), $5$ (SHA-256 crypt), $argon2id$, and $scrypt$ with their parameters.

Assess hash security strength

Rates each identified algorithm on its resistance to brute-force attacks and recommends modern alternatives for weak algorithms like MD5 or SHA-1.

Handle multiple encoding formats

Supports hex-encoded, base64-encoded, and raw prefixed hash formats. Automatically detects the encoding before analyzing the underlying algorithm.

Provide cracking difficulty estimates

Gives context on how resistant the hash is to offline attacks, including approximate time-to-crack estimates for common password patterns.

Use cases

Who should use the free Hash Identifier

Penetration Testers

Quickly identify hash types found in database dumps, configuration files, or captured credentials during an engagement to choose the right cracking approach.

Security Auditors

Verify that applications use strong, modern hashing algorithms (bcrypt, argon2) instead of deprecated ones (MD5, SHA-1) during code reviews and compliance audits.

Forensic Analysts

Identify unknown hash formats encountered during incident response and digital forensics investigations to understand what systems or applications produced them.

More tools

All free security tools

FAQ

Frequently asked questions

Everything you need to know about the free Hash Identifier.

Go beyond Hash Identifier

This free Hash Identifier checks a handful of things. Maced's AI pentest checks thousands.

Get a full autonomous penetration test — including OWASP Top 10, authentication flaws, business logic errors, API security, and more — with a compliance-ready report in hours.

Start Pentest

Proof of exploit on every finding · SOC 2 & ISO 27001 compatible

Free Hash Identifier

Identify any hash type from its format and length

How Hash Identifier works

Paste your hash

Pattern analysis

Get identification results

What Hash Identifier checks

Detect 10+ hash algorithms

Recognize salted and prefixed hashes

Assess hash security strength

Handle multiple encoding formats

Provide cracking difficulty estimates

Who should use the free Hash Identifier

Penetration Testers

Security Auditors

Forensic Analysts

All free security tools

Scanners

Checkers

Decoders & Generators

Compliance & Assessments

Frequently asked questions

This free Hash Identifier checks a handful of things. Maced's AI pentest checks thousands.

Free Hash Identifierself.__wrap_n!=1&&self.__wrap_b("_R_138dav5ubtpfl7b_",1)

Identify any hash type from its format and lengthself.__wrap_n!=1&&self.__wrap_b("_R_158dav5ubtpfl7b_",1)

How Hash Identifier worksself.__wrap_n!=1&&self.__wrap_b("_R_l5dav5ubtpfl7b_",1)

Paste your hashself.__wrap_n!=1&&self.__wrap_b("_R_2j9dav5ubtpfl7b_",1)

Pattern analysisself.__wrap_n!=1&&self.__wrap_b("_R_2l9dav5ubtpfl7b_",1)

Get identification resultsself.__wrap_n!=1&&self.__wrap_b("_R_2n9dav5ubtpfl7b_",1)

What Hash Identifier checksself.__wrap_n!=1&&self.__wrap_b("_R_l5lav5ubtpfl7b_",1)

Detect 10+ hash algorithmsself.__wrap_n!=1&&self.__wrap_b("_R_339lav5ubtpfl7b_",1)

Recognize salted and prefixed hashesself.__wrap_n!=1&&self.__wrap_b("_R_359lav5ubtpfl7b_",1)

Assess hash security strengthself.__wrap_n!=1&&self.__wrap_b("_R_379lav5ubtpfl7b_",1)

Handle multiple encoding formatsself.__wrap_n!=1&&self.__wrap_b("_R_399lav5ubtpfl7b_",1)

Provide cracking difficulty estimatesself.__wrap_n!=1&&self.__wrap_b("_R_3b9lav5ubtpfl7b_",1)

Who should use the free Hash Identifierself.__wrap_n!=1&&self.__wrap_b("_R_l5tav5ubtpfl7b_",1)

Penetration Testersself.__wrap_n!=1&&self.__wrap_b("_R_1j9tav5ubtpfl7b_",1)

Security Auditorsself.__wrap_n!=1&&self.__wrap_b("_R_1l9tav5ubtpfl7b_",1)

Forensic Analystsself.__wrap_n!=1&&self.__wrap_b("_R_1n9tav5ubtpfl7b_",1)

All free security toolsself.__wrap_n!=1&&self.__wrap_b("_R_l65av5ubtpfl7b_",1)

Scanners

Checkers

Decoders & Generators

Compliance & Assessments

Frequently asked questionsself.__wrap_n!=1&&self.__wrap_b("_R_l6dav5ubtpfl7b_",1)

What hash types can this tool identify?

How does hash identification work?

Why is MD5 considered insecure?

What's the difference between hashing and encryption?

Can this tool crack hashes?

This free Hash Identifier checks a handful of things. Maced's AI pentest checks thousands.self.__wrap_n!=1&&self.__wrap_b("_R_15alav5ubtpfl7b_",1)

Free Hash Identifier

Identify any hash type from its format and length

How Hash Identifier works

Paste your hash

Pattern analysis

Get identification results

What Hash Identifier checks

Detect 10+ hash algorithms

Recognize salted and prefixed hashes

Assess hash security strength

Handle multiple encoding formats

Provide cracking difficulty estimates

Who should use the free Hash Identifier

Penetration Testers

Security Auditors

Forensic Analysts

All free security tools

Frequently asked questions

This free Hash Identifier checks a handful of things. Maced's AI pentest checks thousands.