MD5 and SHA Hashes: Checksums vs Security
2026-05-13
When MD5 or SHA-256 is fine for file integrity—and when you must avoid weak hashes for security.
Cryptographic hashes map data to a fixed-length fingerprint; changing one bit changes the hash dramatically.
MD5 is fast but collision-prone; do not rely on it for certificates or attacker-controlled inputs.
SHA-256 is a common choice for download verification and modern integrity checks.
Hashes prove content matches a known good value—they do not encrypt or hide the file.