Development

Modern Cryptographic Hashes: Choosing the Right One

By AZ Utils Editorial · · 11 min read

Modern Cryptographic Hashes: Choosing the Right One

SHA-256 is the hash most developers reach for, but it is one member of a broad and evolving family, and choosing the right hash for the job matters more than many people realise. Use a fast integrity hash where you need a slow password hash, or a deprecated algorithm where you need a current one, and you introduce real risk. This guide surveys the landscape of modern cryptographic hashes — the major families, what each is for, and how to choose.

It is written for developers making cryptographic choices, students mapping the field, and engineers who want a clear picture of which hash belongs where.

First, Separate the Categories

The single most useful thing to understand is that "hash function" covers several categories with different goals, and mixing them up is the root of most mistakes. There are general-purpose cryptographic hashes built for speed and integrity, like SHA-256. There are password-hashing functions built to be deliberately slow, like Argon2. There are keyed hashes and message authentication codes like HMAC, built to prove authenticity with a secret key. And there are older, deprecated hashes like MD5 and SHA-1 that should be retired. These are not interchangeable; each was designed for a distinct purpose, and the right choice depends entirely on what you are trying to achieve.

In short: Use fast cryptographic hashes (SHA-256, SHA-3, BLAKE2/3) for integrity and fingerprinting; slow password hashes (Argon2, scrypt, bcrypt, PBKDF2) for passwords; HMAC for keyed authentication; and retire deprecated hashes (MD5, SHA-1). Match the hash to the job.

The SHA-2 Family

SHA-2 is the workhorse family of general-purpose cryptographic hashes, standardised in the early 2000s and still the default recommendation for most integrity and fingerprinting tasks. Its best-known member is SHA-256, with a 256-bit output, but the family also includes SHA-512 (a 512-bit output that can be faster on 64-bit hardware), along with SHA-224 and SHA-384. SHA-2 is mature, widely supported, and has no practical attacks against it, which is why it underpins TLS, code signing, blockchains and countless other systems. For everyday "I need a secure hash" needs, a SHA-2 variant — usually SHA-256 — is the safe, conventional choice.

SHA-3 (Keccak)

SHA-3 is a newer standard, selected through a public competition and finalised in 2015. Importantly, it is not a patch on SHA-2 but a completely different internal design, based on a construction called a sponge rather than the Merkle–Damgård approach SHA-2 uses. This diversity is its main strategic value: because SHA-3 is built differently, a future breakthrough that weakened SHA-2 would be unlikely to affect SHA-3, giving the world a ready alternative. In practice SHA-2 remains perfectly secure and far more widely deployed, so SHA-3 is used where its particular properties or design diversity are specifically wanted rather than as a routine replacement. Both are excellent; SHA-2 is the default, and SHA-3 is the standardised backup with a different lineage.

BLAKE2 and BLAKE3

BLAKE2 and the newer BLAKE3 are modern cryptographic hashes designed to be very fast while remaining secure, often outperforming SHA-2 in software. BLAKE3 in particular is notable for its speed and its ability to take advantage of multiple CPU cores and modern instructions, making it attractive for hashing large amounts of data quickly. They are strong, well-regarded choices for integrity and fingerprinting where performance matters, and they appear increasingly in tools and systems that hash large files or streams. They are general-purpose hashes in the same category as SHA-2 — fast, for integrity, not for passwords.

Password-Hashing Functions Are a Separate Category

It bears repeating in any survey of hashes that password hashing is its own category with the opposite design goal. Argon2 (the winner of the Password Hashing Competition), scrypt, bcrypt and PBKDF2 are built to be deliberately slow and, in the case of Argon2 and scrypt, memory-hard, so that brute-forcing stolen password hashes is prohibitively expensive. You must never substitute a fast hash like SHA-256 for one of these when storing passwords, no matter how convenient it seems. The full reasoning and practice are covered in Password Hashing Best Practices; the key point for this landscape view is simply that these belong in a different box from SHA-2, SHA-3 and BLAKE, and are chosen for slowness rather than speed.

HMAC and Keyed Hashes

Another distinct tool is HMAC (Hash-based Message Authentication Code), which combines a cryptographic hash with a secret key to produce a value that proves both the integrity and the authenticity of a message. Where a plain hash lets anyone verify that data has not changed, an HMAC lets only someone with the secret key produce or verify the code, so it proves the message came from a party holding the key. HMAC is used extensively in API request signing, token verification (including the HS256 algorithm in JWTs), and secure cookies. It is typically built on a SHA-2 hash — HMAC-SHA-256 is very common — which shows how the general-purpose hashes serve as building blocks for higher-level constructions. When your need is "prove this came from us and was not tampered with," a keyed construction like HMAC, not a bare hash, is the right tool.

The Deprecated Hashes: MD5 and SHA-1

Finally, two older hashes should be recognised mainly so they can be retired. MD5 (128-bit) and SHA-1 (160-bit) were once standard but are now cryptographically broken: practical collision attacks exist for both, with SHA-1 collisions demonstrated publicly in 2017. Neither should be used for any security purpose. They linger in legacy systems and, in MD5's case, as fast non-security checksums for accidental corruption, but in any context where an attacker might benefit from forging a match, they are unsafe. Part of choosing modern hashes well is auditing for these older ones and replacing them with current standards. The detailed comparison is in SHA-256 vs MD5.

Why the Landscape Keeps Evolving

It is natural to wonder why there are so many hash functions and why new ones keep appearing, when SHA-256 already works well. The answer reveals something important about cryptography: the field advances on two fronts at once, and both drive the creation of new designs. On one front, cryptanalysts continually probe existing functions for weaknesses, and history shows that algorithms once considered secure — MD5, SHA-1 — eventually fall. The community responds by keeping stronger alternatives ready before they are urgently needed, so that when a weakness emerges there is somewhere to migrate. SHA-3 was standardised in part as exactly this kind of insurance: a secure hash built on a fundamentally different design, so that a breakthrough against SHA-2's family would not leave the world without options.

On the other front, hardware and use cases evolve, creating demand for functions optimised for new conditions. BLAKE3, for instance, was designed to exploit modern multi-core processors and vector instructions, hashing large data dramatically faster than older functions. Password-hashing functions like Argon2 emerged because attackers gained access to cheap parallel hardware, demanding hashes that are not just slow but memory-hard to neutralise that advantage. The proliferation of hashes is therefore not noise or fashion; each well-regarded function answers a specific need — design diversity, raw speed, resistance to specialised cracking hardware — that the others do not fully cover. Understanding this turns the seemingly cluttered landscape into a rational toolkit, where each tool earns its place by doing one job especially well.

The Role of Standards and Public Review

A theme worth drawing out is how much the trustworthiness of these functions depends on open standards and public scrutiny rather than secrecy. The strongest hashes are those that have been published openly, standardised by bodies like NIST, and subjected to years of attempted attacks by cryptographers around the world. SHA-2 and SHA-3 are federal standards; Argon2 won an open competition judged by the cryptographic community; BLAKE descends from a SHA-3 competition finalist. In every case, the credibility comes from the algorithm having been examined exhaustively in public and having survived. This is the opposite of "security through obscurity," and it is why the consistent professional advice is to use standardised, well-reviewed primitives and never to invent or use a secret, unexamined hash.

This reliance on public review also explains why responding to deprecation matters. When the community reaches consensus that a function like MD5 or SHA-1 is broken, that judgement is the distilled result of the same open process that establishes trust in the survivors. Ignoring it — keeping a deprecated hash in security-sensitive code because it still seems to work — discards the very expertise that makes the field reliable. Choosing modern hashes well, then, is partly a matter of staying aligned with the community's evolving consensus: defaulting to the current standards, watching for deprecations, and being ready to migrate. The standards process does the hard cryptographic work; your job is to follow its conclusions rather than second-guess them.

How to Choose the Right Hash

Bringing it together, the choice is driven by the goal rather than by which algorithm is fashionable. If you need to verify integrity or produce a fingerprint of data, reach for a current general-purpose hash — SHA-256 by default, or BLAKE3 if you need speed on large data, or SHA-3 if you specifically want design diversity. If you need to store passwords, reach for a dedicated slow hash — Argon2 preferably, or scrypt, bcrypt or PBKDF2. If you need to authenticate a message with a shared secret, reach for HMAC over a SHA-2 hash. And if you find MD5 or SHA-1 anywhere security-sensitive, plan to replace it. Ask "what am I actually trying to achieve — integrity, password storage, or authenticated messaging?" and the right family follows immediately.

Bringing the Landscape Together

Stepping back, the apparent complexity of the modern hash landscape collapses into a short, memorable map once you organise it by purpose. For verifying that data has not changed and for fingerprinting content, you have a small set of fast, secure general-purpose hashes, with SHA-256 as the default and SHA-3 and BLAKE3 as alternatives for diversity or speed. For storing passwords, you have a separate set of deliberately slow, salted, memory-hard functions, with Argon2 leading. For proving a message came from a holder of a secret key, you have keyed constructions like HMAC built on top of the general-purpose hashes. And in the discard pile sit MD5 and SHA-1, kept around only to be recognised and replaced. Three live categories and one graveyard — that is the whole picture.

What ties the map together is the single habit of choosing by goal rather than by reputation or familiarity. The most common and most damaging cryptographic mistakes come from category errors: using a fast integrity hash for passwords, using a bare hash where authentication was needed, or clinging to a deprecated algorithm. None of these are failures of the algorithms themselves; they are failures to match the tool to the task. If you internalise the categories and ask, each time, "is my goal integrity, password storage, or authenticated messaging?", the correct family — and usually the correct specific function — follows immediately. The hashes themselves are the easy part, supplied ready-made and battle-tested by your standard library; the skill that actually protects your systems is knowing which one to call.

Finally, it is worth holding both stability and vigilance in mind at once. SHA-256 has been the dependable default for two decades and shows every sign of remaining so, so there is no need to chase every new algorithm or to feel that your knowledge is perpetually obsolete. At the same time, the field does move, deprecations do happen, and the systems that age gracefully are those built to swap a hash when the day comes. The practical stance, then, is calm and current: use the well-established defaults, follow the community's deprecations, keep your designs flexible, and let the standards process — not novelty or nostalgia — guide your choices. Do that, and the modern hash landscape stops being intimidating and becomes a reliable, well-organised toolkit you can navigate with ease.

Try Our Free SHA-256 Hash Generator

To experiment with the most widely used modern hash, use our SHA-256 Hash Generator.

  • ✅ Hash any text with SHA-256, the default secure choice
  • ✅ Compare hashes to verify integrity
  • ✅ Runs entirely in your browser

👉 Generate a SHA-256 hash now →

Common Mistakes

  1. Using a fast integrity hash for passwords. SHA-256 and friends are the wrong category for password storage.
  2. Using a bare hash where you need authentication. Proving origin requires a keyed construction like HMAC, not a plain hash.
  3. Keeping MD5 or SHA-1 in security-sensitive code. Both are broken and should be retired.
  4. Chasing the newest algorithm unnecessarily. SHA-256 remains an excellent default; novelty is not a requirement.
  5. Implementing any of these yourself. Use vetted libraries for all cryptographic hashing.

Best Practices

  • Match the hash family to the goal — integrity, passwords, or authenticated messaging.
  • Default to SHA-256 for general integrity and fingerprinting.
  • Use Argon2/scrypt/bcrypt/PBKDF2 for passwords, never a fast hash.
  • Use HMAC over SHA-2 when you need keyed authentication.
  • Retire MD5 and SHA-1 from security contexts.
  • Always use trusted library implementations.

Frequently Asked Questions

What are the modern cryptographic hash functions?

The main current general-purpose hashes are the SHA-2 family (including SHA-256 and SHA-512), SHA-3, and BLAKE2/BLAKE3. Password hashing uses Argon2, scrypt, bcrypt or PBKDF2, and keyed authentication uses HMAC, usually over SHA-2.

Is SHA-256 still recommended?

Yes. SHA-256 remains a secure, widely supported default for integrity and fingerprinting, with no practical attacks. Newer hashes like SHA-3 and BLAKE3 are alternatives chosen for design diversity or speed, not replacements made necessary by any SHA-2 weakness.

What is the difference between SHA-2 and SHA-3?

They are both secure standards but use different internal designs — SHA-2 uses the Merkle–Damgård construction while SHA-3 uses a sponge construction. SHA-2 is the more widely deployed default; SHA-3 provides a structurally different alternative.

What is HMAC used for?

HMAC combines a hash with a secret key to prove both the integrity and the authenticity of a message. It is used for API request signing, token verification such as JWT HS256, and secure cookies, typically built on SHA-256.

Which hash should I use for passwords?

A dedicated slow, salted password hash: Argon2 (preferred), scrypt, bcrypt or PBKDF2. Never use a fast general-purpose hash like SHA-256 for password storage.

Are MD5 and SHA-1 still safe?

No. Both are cryptographically broken by practical collision attacks and should not be used for any security purpose. Replace them with current standards like SHA-256.

Summary

The world of modern cryptographic hashes is best understood as a set of categories matched to goals rather than a single ladder of "better" algorithms. SHA-2 (led by SHA-256), SHA-3 and BLAKE2/BLAKE3 are fast general-purpose hashes for integrity and fingerprinting; Argon2, scrypt, bcrypt and PBKDF2 are deliberately slow password hashes; HMAC adds a secret key for authenticated messaging; and MD5 and SHA-1 are deprecated and should be retired. Choosing well means asking what you are actually trying to achieve and reaching for the family designed for it, defaulting to SHA-256 for general work and a dedicated function for passwords. Match the tool to the job, always use vetted libraries, and the modern hash landscape becomes simple to navigate.

👉 Explore hashing with our free SHA-256 tool →

Tags: #Cryptography #Development #Hashing #Security
AZ Utils Editorial

AZ Utils Editorial

Finance & web-tools writer

AZ Utilis writes practical, plain-English guides on calculators, finance and everyday web tools, drawing on years of experience helping beginners and small businesses get the numbers right.

Development

How to Format JSON (Beautify & Minify)

How to format JSON — beautify it for readability or minify it for production — in tools, editors, the command line and code, with the why behind each.

AZ Utils Editorial · · 10 min read