Is my file uploaded to any server?

No. The entire operation runs inside your browser using the WebCrypto API and the FileReader API. Your file bytes never leave your device.

Which hash algorithm should I use?

SHA-256 is the modern standard recommended for most integrity checks. SHA-512 is slightly stronger. MD5 and SHA-1 are provided for legacy compatibility only — they are cryptographically broken and should not be used for security-critical verification.

What is the maximum file size?

There is no hard limit imposed by this tool; the browser reads the entire file into memory. Very large files (several gigabytes) may slow down or fail depending on available RAM. Files under 2 GB process reliably on most devices.

How do I verify a checksum from a software vendor?

Download the file, then drop it here. Copy the hash that matches the algorithm the vendor published (commonly SHA-256). Paste the vendor-provided hash into the "Expected hash" field and click Verify — a green badge means the file is intact.

Why are MD5 and SHA-1 still shown?

Many older projects and tools still publish MD5 or SHA-1 checksums. The tool computes them for compatibility, while noting they should not be relied upon for security assurance.

File Checksum Verifier

Name: File Checksum Verifier
Availability: InStock
Author: Nham Vu

Drop a file to instantly compute its MD5, SHA-1, SHA-256, and SHA-512 checksums client-side — the file never leaves your browser.

Select a File

Drop file here or click to browse — any file type, any size

Verify Expected Hash

Checksums

Drop or select a file to compute hashes

All processing is done locally — your file never leaves this page

Copied!

Summary

Drop a file to instantly compute its MD5, SHA-1, SHA-256, and SHA-512 checksums client-side — the file never leaves your browser.

How it works

Drop a file onto the upload zone or click "Choose File" to select one.
The tool reads the file as an ArrayBuffer in your browser.
WebCrypto (SHA-1/256/512) and a pure-JS MD5 implementation compute all four digests.
All four hashes are displayed simultaneously in a copyable list.
Paste an expected hash in the verification box to check for a match.
A green checkmark or red mismatch indicator appears instantly.

Use cases

Verify a downloaded ISO or installer has not been tampered with.
Compare a file against a vendor-published SHA-256 checksum.
Audit file integrity before deploying build artifacts.
Confirm two copies of a file are identical without opening them.
Generate checksums to publish alongside your own releases.
Check whether a file changed between two points in time.

Frequently Asked Questions

Last updated: 2026-06-09 · Reviewed by Nham Vu