Free Hash Identifier
Identify likely digest and password-hash formats with confidence levels, structured metadata, and honest ambiguity handling.
Single or batch analysis
Identify likely hash formats, risk level, and structured metadata
Paste one value or multiple lines. The analyzer checks length, character set, modular prefixes, and common password-hash signatures, then shows likely candidates with honest ambiguity handling.
Entries
1
Selected type
bcrypt
Confidence
High
Risk
Modern
Charset
Structured / modular
Unique likely types
1
Candidates
Likely hash types and why they matched
Starts with $2b$ and matches bcrypt's fixed modular-crypt shape.
Structured details
Parsed metadata when the format exposes it
Version
2b
Cost
12
Payload length
53
Notes
Context and caveats
- bcrypt is adaptive and salted, which makes it much more suitable for password storage than fast digests like MD5 or SHA-1.
More Intel & Security Workflow Tools
Email Header Analyzer
Inspect SPF, DKIM, DMARC, and routing clues
AI Token Counter
Measure prompt size and context fit
JSON Formatter
Validate and format structured data
Regex Tester
Validate patterns against candidate hashes
Base64 Encoder
Encode and decode Base64 strings
UUID Generator
Compare UUID-like identifiers against hashes
Package Health
Inspect dependency risk and maintenance signals
AI Skills Directory
Browse GitHub-discovered agent workflows
Explore by hash family
More Hash Identifier Pages
Browse focused pages for MD5, SHA-256, bcrypt, and Argon2 identification workflows.
MD5 Hash Identifier
Check whether a 32-character hex string likely matches MD5 and learn where format-only detection becomes ambiguous.
SHA-256 Hash Identifier
Inspect 64-character digest strings and understand when SHA-256 is the most likely match versus a generic 256-bit hash.
bcrypt Hash Identifier
Detect bcrypt hashes confidently and inspect version and cost metadata directly from the stored hash string.
Argon2 Hash Identifier
Detect Argon2 password hashes cleanly and inspect the PHC string metadata that makes the format so useful for audits.
Why use a hash identifier?
A hash identifier helps you figure out what kind of digest or password-hash format you are looking at before you waste time making the wrong assumption. That matters in security reviews, incident response, migration work, password-storage audits, and even basic debugging when a system gives you a string like $2b$12$... or a raw 64-character hex digest and no explanation. A robust tool should do more than make a single guess. It should show likely candidates, explain why they matched, highlight ambiguity honestly, and flag whether the format looks weak, modern, or unknown.
Prefix-driven formats like bcrypt, Argon2, and Unix crypt strings are much easier to classify confidently because they expose structure. Plain hex strings are harder. A 32-character hex value might be MD5, NTLM, LM, or some other 128-bit digest depending on context. That is why good identification should include confidence rather than fake certainty. When the tool knows only the shape, it should say so.
How to use this hash identifier
Paste one hash to get a detailed breakdown, or paste multiple lines to analyze a batch. The summary section gives you the likely type, confidence, risk level, and character set. The candidate list explains the likely matches and why they fit. If the value uses a structured format such as bcrypt, Argon2, or modular crypt, the tool also extracts useful metadata like cost, version, salt length, or iteration parameters. That is the difference between a novelty detector and a genuinely practical analyzer.
What makes the output useful
The most valuable part of identification is context. If the tool marks something as weak, that usually means it is a fast digest or legacy password hash that should not be trusted for modern password storage. If it marks something as modern, that usually means the format is adaptive or explicitly designed for password hashing. If it marks a value as ambiguous, that is also useful because it tells you to look at the surrounding application, database field, or framework rather than assuming the first familiar name is correct.
FAQ
Can a hash identifier tell you the exact algorithm with certainty?
Not always. Some formats have unmistakable prefixes, like bcrypt or argon2, but plain hex strings can be ambiguous. For example, a 32-character hexadecimal string could be MD5, NTLM, or another 128-bit digest depending on context.
Why does the tool list multiple candidates for one value?
Because shape alone is not always enough. A good hash identifier should be honest about ambiguity and show the most likely algorithms with reasons and confidence levels rather than pretending every result is exact.
What makes a hash look weak or modern?
Fast digests like MD5 and SHA-1 are weak for password storage because they are cheap to brute-force. Structured hashes like bcrypt and argon2 are stronger because they are designed to be slower, salted, and configurable.