Home

MD5 Hash Generator

What an MD5 Hash is:

MD5 is an acronym for Message-Digest 5– a fast and powerful method of increasing security to file transfers and message request transfers.

The way it works is the user enters an input string, and the md5 algorithm will generate a 32-character string in hexadecimal characters. The characters will always be hexidecimal, and the string will always be 32 characters in length.

Once a string is hashed into an md5 hash, it cannot be unhashed via any “un-md5” algorithm. The only way is to use an MD5 cracker tool, which queries a large database of strings and their associated md5 hashes.

Once your md5 hash code is generated, you can deliver it to the expected receiver and they can use that hash to match against their result of performing an md5 hash on their own values. If the hashes match, then you can be confident that the data was sent correctly.

Useful Applications of the MD5 Hash – API Calls

There are several useful applications for using an md5 hash generator when interating with other people or machines, including api integration. If you and another company agree on a secret API key, you can generate an md5 hash of a concatenated string of the variables you post to the partner’s website, along with the api key. Then the partner can use that agreed on api key to validate that the incoming request in fact came from your website. You can in turn ask them to send a hashed concatenated string with the api key to ensure that the incoming request came from them.

PHP example:

Let’s say you and a partner website agreed on the following API key:

<?php
  $apikey = 'abc123';
?>

If you were posting the following data to the partner, and that the “firstname” and “lastname” fields were generated via php:

<?php
  $first = 'Arion';
  $last = 'Gnotta';

  $hash = md5($first . $last . $apikey);
?>

<form method="post" action="http://www.partnerwebsite.com/api.php">
  <input type="hidden" name="firstname" value="<?php echo $first?>" />
  <input type="hidden" name="lastname" value="<?php echo $last ?>" />
  <input type="hidden" name="hash" value="<?php echo $hash?>" />
  <input type="submit" value="Send" />
</form>

The hash in this case is constructed by simply concatenating every mandatory field you are sending, appending the api key after it, and getting the md5 hash of that resultant string.

<?php
  $first = $_POST['firstname'];
  $last = $_POST['lastname'];
  $their_hash = $_POST['hash'];

  $our_hash = md5($first . $last . $apikey);

  if($their_hash != $our_hash){
    echo 'Access denied.';
  } else {
    // do something
  }
?>

You can do the same when accepting incoming requests from them as well to verify that you are not accepting a fraudulent post.

There are many other useful applications of the md5 hash, including password generators. Take the time to experiment and find more ways to use this simple and effective tool!

MD5 Hash Generator

What an MD5 Hash is:

MD5 is an acronym for Message-Digest 5– a fast and powerful method of increasing security to file transfers and message request transfers.

The way it works is the user enters an input string, and the md5 algorithm will generate a 32-character string in hexadecimal characters. The characters will always be hexidecimal, and the string will always be 32 characters in length.

Once a string is hashed into an md5 hash, it cannot be unhashed via any “un-md5” algorithm. The only way is to use an MD5 cracker tool, which queries a large database of strings and their associated md5 hashes.

Once your md5 hash code is generated, you can deliver it to the expected receiver and they can use that hash to match against their result of performing an md5 hash on their own values. If the hashes match, then you can be confident that the data was sent correctly.

Useful Applications of the MD5 Hash – API Calls

There are several useful applications for using an md5 hash generator when interating with other people or machines, including api integration. If you and another company agree on a secret API key, you can generate an md5 hash of a concatenated string of the variables you post to the partner’s website, along with the api key. Then the partner can use that agreed on api key to validate that the incoming request in fact came from your website. You can in turn ask them to send a hashed concatenated string with the api key to ensure that the incoming request came from them.

PHP example:

Let’s say you and a partner website agreed on the following API key:

<?php
  $apikey = 'abc123';
?>

If you were posting the following data to the partner, and that the “firstname” and “lastname” fields were generated via php:

<?php
  $first = 'Arion';
  $last = 'Gnotta';

  $hash = md5($first . $last . $apikey);
?>

<form method="post" action="http://www.partnerwebsite.com/api.php">
  <input type="hidden" name="firstname" value="<?php echo $first?>" />
  <input type="hidden" name="lastname" value="<?php echo $last ?>" />
  <input type="hidden" name="hash" value="<?php echo $hash?>" />
  <input type="submit" value="Send" />
</form>

The hash in this case is constructed by simply concatenating every mandatory field you are sending, appending the api key after it, and getting the md5 hash of that resultant string.

<?php
  $first = $_POST['firstname'];
  $last = $_POST['lastname'];
  $their_hash = $_POST['hash'];

  $our_hash = md5($first . $last . $apikey);

  if($their_hash != $our_hash){
    echo 'Access denied.';
  } else {
    // do something
  }
?>

You can do the same when accepting incoming requests from them as well to verify that you are not accepting a fraudulent post.

There are many other useful applications of the md5 hash, including password generators. Take the time to experiment and find more ways to use this simple and effective tool!