SHA-256 explained simply
July 8, 2026 · 14 min read
SHA-256 is a cryptographic hash function: it takes input of any size and produces a fixed 256-bit (32-byte) digest, usually shown as 64 hexadecimal characters. The same input always yields the same hash; a tiny change in input completely changes the output. You cannot reverse a hash to recover the original data.
SHA-256 is part of the SHA-2 family standardized by NIST. It powers blockchain headers, certificate fingerprints, content-addressed storage, and integrity checks in APIs. It is not a password storage algorithm on its own - pair it with proper password hashing when storing credentials.
What a hash is
Think of a hash as a compact fingerprint. Two files with identical content produce identical SHA-256 digests; one flipped bit produces an unrelated digest. Hashes enable quick equality checks without comparing megabytes byte by byte.
Unlike encryption, hashing is one-way by design. There is no key to “decrypt” a digest - only brute-force guessing or rainbow tables for small, predictable inputs like weak passwords.
SHA-256 in one minute
The algorithm processes input in 512-bit blocks through a compression function, mixing bits with constants derived from cube roots of primes. After padding the message to the right length, it outputs eight 32-bit words concatenated as the digest. Implementations are fast in hardware and widely available in OS and language libraries.
Input: "hello"
SHA-256: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
Input: "hello!"
SHA-256: ce06092… (completely different)
Key properties
- Deterministic - same message, same hash everywhere.
- Fast to compute - suitable for integrity checks on large files.
- Collision resistant - infeasible to find two messages with the same hash.
- Avalanche effect - small input changes scramble the output.
Pre-image resistance means given a hash, you cannot feasibly find any input that produces it. Second-pre-image resistance means you cannot find a different message with the same hash as a chosen message. SHA-256 remains strong for these properties today; SHA-1 is deprecated for collision reasons.
Where you use SHA-256
Git commit IDs, Bitcoin block hashing, TLS certificate pinning, and SRI (Subresource Integrity) in browsers all rely on SHA-256 or related constructs. Developers hash config snapshots for drift detection, deduplicate uploads by digest, and sign data with HMAC-SHA256 using a secret key.
import { createHash } from "node:crypto";
const hash = createHash("sha256").update("hello", "utf8").digest("hex");
console.log(hash);
What hashes cannot do
Hashing alone does not prove who sent a message - anyone can hash the same text. Use HMAC or digital signatures for authenticity. Hashing alone does not securely store passwords - use bcrypt, scrypt, or Argon2 with salt and tuning parameters.
If you need secrecy, use encryption (AES-GCM) not hashing. If you need tamper evidence on public content, publish the SHA-256 digest through a separate channel.
FAQ
- Is SHA-256 the same as encryption?
- No. Encryption is reversible with a key. Hashing is one-way.
- Can two files have the same SHA-256 hash?
- A collision is theoretically possible but practically infeasible. Use SHA-256 for integrity; do not use deprecated SHA-1 for security.
- Should I store passwords with SHA-256?
- No. Use dedicated password hashes (bcrypt, Argon2) designed to be slow and salted.
- Why is the digest 64 hex characters?
- 256 bits encoded as hex uses two characters per byte: 32 × 2 = 64.
Related: SHA-1 vs SHA-256