MD5 (Message-Digest Algorithm 5) is a cryptographic hash function designed by Ron Rivest in 1991. It produces a 128-bit (32 hexadecimal character) digest. While fast, it is considered cryptographically broken and should not be used for security purposes.

MD5 is not safe for security-sensitive uses. Practical collision attacks exist, and rainbow tables can reverse many MD5 hashes. Use SHA-256 or stronger for security. MD5 is still acceptable for non-security uses like checksums and cache keys.

What is the length of an MD5 hash?

An MD5 hash is always 32 hexadecimal characters (128 bits / 16 bytes), regardless of the input size.

What is MD5?

MD5 (Message-Digest Algorithm 5) is a hash function that produces a 128-bit (32-character hex) digest. It is extremely fast but cryptographically broken — do not use it for passwords or digital signatures.

How MD5 Works

MD5 takes any input — a word, a file, an entire database dump — and produces a fixed 32-character hexadecimal string. Example: MD5 of hello is 5d41402abc4b2a76b9719d911017c592.

Why MD5 Is No Longer Secure

In 2004, researchers demonstrated practical MD5 collision attacks — two different inputs producing the same hash. In 2008, researchers used MD5 collisions to forge an SSL certificate. MD5 is now considered cryptographically broken for any security purpose.

When MD5 Is Still Acceptable

File checksums — verifying accidental corruption (not malicious tampering)
Cache keys — generating short identifiers from longer strings
Non-security deduplication — finding duplicate records in a dataset

MD5 vs SHA-256

SHA-256 produces a 256-bit digest, has no known practical collision attacks, and is the current standard for security-sensitive applications. Use MD5 only when you specifically need speed and collision resistance is not required.

Generate MD5 hashes (and SHA-1, SHA-256, SHA-512): Open Hash Generator →

Frequently Asked Questions

Can MD5 be reversed?

Not mathematically. But many common strings have precomputed MD5 values in rainbow tables. For passwords, this effectively reverses many MD5 hashes — which is why MD5 must never be used for password storage.

How long is an MD5 hash?

Always 32 hexadecimal characters (128 bits), regardless of input size.

Related Terms

SHA-256 — The secure modern alternative to MD5.
Hash Functions — The broader concept MD5 belongs to.