All algorithms
A reference card per algorithm. Pick one to read what it's for, what attacked it, and what to use instead.
| Algorithm | Family | Bits | Year | Status | Notes |
|---|---|---|---|---|---|
| MD5 | MD | 128 | 1992 | broken | The world's most famous hash function, still everywhere despite being completely broken for security purposes since 2004. |
| SHA-1 | SHA-1 | 160 | 1995 | broken | The standard hash of the late-'90s web. Demonstrably collidable since 2017's SHAttered, but TLS, Git, and JWT all still ship code paths that touch it. |
| RIPEMD-160 | RIPEMD | 160 | 1996 | deprecated | The hash inside every Bitcoin and Ethereum address. Cryptographically strong-ish, but mostly here because Satoshi picked it. |
| HMAC-SHA256 | HMAC | 256 | 1996 | secure | The right way to authenticate a message with a shared secret. AWS V4 signatures, Stripe webhooks, JWT HS256: all HMAC-SHA256 underneath. |
| bcrypt | password | 184 | 1999 | deprecated | The first really-deliberately-slow password hash. Still everywhere (Rails, Laravel, Django defaults), but Argon2id is the modern pick. |
| SHA-256 | SHA-2 | 256 | 2001 | secure | The default cryptographic hash for the modern web. TLS certificates, Bitcoin, GitHub's new object IDs: all SHA-256 underneath. |
| SHA-384 | SHA-2 | 384 | 2001 | secure | Truncated SHA-512: the awkward middle child of the SHA-2 family. Mandated by NSA Suite B at the TOP SECRET level. |
| SHA-512 | SHA-2 | 512 | 2001 | secure | The big sibling of SHA-256. Faster on 64-bit hardware, larger output, identical security properties. |
| scrypt | password | 256 | 2009 | secure | Colin Percival's memory-hard answer to bcrypt's GPU vulnerability. Used by Litecoin and a long tail of password databases. |
| BLAKE2b | BLAKE | 512 | 2012 | secure | Faster than MD5, more secure than SHA-3. Quietly powers WireGuard, Argon2, libsodium, and most password managers' KDF inputs. |
| SHA3-256 | SHA-3 | 256 | 2015 | secure | Keccak under the SHA-3 banner: a totally different sponge construction from SHA-2, immune to length-extension by design. |
| SHA3-512 | SHA-3 | 512 | 2015 | secure | The 512-bit member of the SHA-3 family. Same sponge construction, more capacity, slower throughput. |
| Argon2id | password | 256 | 2015 | secure | Winner of the Password Hashing Competition. Memory-hard, side-channel resistant, three tunable knobs. The 2026 default. |
| BLAKE3 | BLAKE | 256 | 2020 | secure | Parallelizable hashing that beats every other secure algorithm on raw throughput. Has a built-in XOF, MAC, and KDF mode. |
The history of hash functions
- The Evolution of Hashing Algorithms: From MD5 to Modern Day
Why we moved from MD5 → SHA-1 → SHA-2 → SHA-3 / BLAKE.
Which one should you pick?
- Choosing the Right Hash Algorithm: A Decision Framework
Decision tree for picking the right hash for your use case.