How to Hash a File in 60 Seconds or Less (2023)

Knowing how to hash a file is as easy as 1-2-3 — quite literally, in this case. We’ll show you how to hash your files in just three easy steps in Windows Command Line

When you download any application on the internet, there’s always some level of risk involved. If you download a file from a legitimate site, you should be able to trust it, right? Ideally, yes. But there are always the cases when things go wrong (e.g., someone hacks the website and uploads malicious versions of the company’s files) and an unauthorized party may alter a file. This is why you need to hash a file to help users recognize the unauthorized modification has occurred.

A file hash is a long string of hexadecimal numbers that looks like a whole lot of gibberish, but it serves an invaluable purpose: it’s a way to check whether the integrity of a file has been compromised. We won’t get into all of the specifics about what a hashing algorithm is or how it works — we have other articles that already do that.

Let’s explore how to hash a file for enhanced software security.

How to Hash a File in One Minute

Let’s use a simple text document as an example of a file we’re going to hash. In this case, the file simply says, “This is a test document” and that’s it. I know, it’s a very creative, “super secret” message for sure.

How to Hash a File in 60 Seconds or Less (1)

A screenshot of the original generic test file with the phrase “This is a test document” written inside.

(Video) Compute Hash in .NET in 60 Seconds

Anyhow, now that we have our file created, we’re going to quickly hash it using Windows Command Line. So, here we go!

1. Open Windows Command Line. In your Start bar, type CMD and press Enter to open Windows Command Line.

How to Hash a File in 60 Seconds or Less (2)

A screenshot of how to pull up the Windows Command Line tool.

2. Decide which hashing algorithm you want to use. Different hash functions (i.e., hashing algorithms) suit different needs and purposes. For example, you’ll want to use a fast hashing algorithm for digital signatures but a slow one for secure password storage. (Note: it’s recommended that you store your password hash values and not the plaintext passwords themselves.)

3. Hash a file using the certutil -hashfile command. Next, you’ll want to use the certutil -hashfile command along with the file path that leads to where you’re storing the file you want to hash. You’ll also want to specify the hash function (hashing algorithm) you want to use to hash your file. Some examples include SHA256, MD5 and SHA1. (Both MD5 and SHA1 have been deprecated, so they’re not typically recommended but you’ll still sometimes find them being used.)

The resulting command for hashing a file using SHA-256 will look something like this:

certutil -hashfile c:\example\test_file.txt SHA256

(Video) Loops vs HashSets in 60 Seconds

How to Hash a File in 60 Seconds or Less (3)

A screenshot of how to enter the certutil command in Windows Command Line with the resulting SHA-256 hash value.

That’s it! You’ve hashed your file quickly and easily. In this case, the resulting SHA-256 hash value (i.e., digest) for the file in this example is the following:


How to Check If a File Hash Digest Has Changed

Now that you know how to hash a file, you’ll also want to check to make sure that changing something in it will result in an entirely new hash value. For example, if I took the text document I hashed and then altered it by adding an exclamation mark, then the resulting file will have a completely different hash digest.

How to Hash a File in 60 Seconds or Less (4)

(Video) Python Challenge : Hashing a file in under 1 minute #Shorts 😮😲

A screenshot of the modified version of the test file with the exclamation mark added to the original phrase, making it say: “This is a test document!”

In this case, the new hash value will be the following hexadecimal string:


How to Hash a File in 60 Seconds or Less (5)

A screenshot of the modified version of the file’s resulting hash values in Windows Command Line.

Let’s quickly compare the two hashes side by side so you can see the difference:

Original File’s SHA-256 Hash ValueModified File’s SHA-256 Hash Value

Yes, even changing something as minimal as a single character (in this case, adding an exclamation mark) altered the entire hash digest.

(Video) Java for the Haters in 100 Seconds

Why Hashing Matters to File and Software Security

Hashing is an essential tool when it comes to ensuring the integrity of your software and protecting your organization’s brand and reputation. Why? Because, basically, hashing serves as a form of checksum.

When people download your software, for example, you can provide the file’s or executable’s hash value for them to use to check themselves. This helps to establish trust and provides your users with a way to verify that your software hasn’t been altered. If the hash values don’t match, then users will know that the file or software in question may have been modified and, therefore, it can’t be trusted.

But, sometimes, hashing isn’t enough. Remember the issue we mentioned earlier? Imagine that someone hacks your website and uploads their own malicious version of your software. They replace the hash values on your site with the ones for their dangerous files. If your users use those hash digests to confirm the files are authentic, they’ll just confirm that the hash values on the site match the ones for the file.

However, there’s no digital identity for them to verify. This is where digital signatures and digital certificates come into play.

Hashing Is a Critical Element of Digital Signatures and Certificates

Digital signatures add an extra layer of security to your software and files by adding your organization’s digital identity to the equation. These signatures are made possible through digital certificates such as code signing certificates.

A code signing certificate allows you to digitally sign your software to assert your organization’s verified identity. This way, when users download or try to install it, they won’t see the Windows Defender SmartScreen “Unknown publisher” warnings that look like this:

How to Hash a File in 60 Seconds or Less (6)

For example, a standard code signing certificate will allow your organization’s verified digital identity information to display where it says “Unknown Publisher” in the screenshot above. With an extended validation (EV) code signing certificate, it’ll get rid of the SmartScreen warning altogether because the certificate (and, therefore, your software) will automatically be trusted by Windows operating systems and browsers.

Of course, there are other uses and types of digital certificates as well. You can use digital certificates to cryptographically sign emails, documents, and even software and other executables to protect the integrity of your digital assets and communications.



How do you shorten hashes? ›

Secure way to shorten a hash
  1. Just remove the first or last few bits.
  2. XOR the first or last few bits with the part I'm keeping.
  3. Do something else.
Aug 21, 2015

What is a hash value for a file? ›

A hash value is a unique value that corresponds to the content of the file. Rather than identifying the contents of a file by its file name, extension, or other designation, a hash assigns a unique value to the contents of a file.

How do you create a hash value? ›

Hashing involves applying a hashing algorithm to a data item, known as the hashing key, to create a hash value. Hashing algorithms take a large range of values (such as all possible strings or all possible files) and map them onto a smaller set of values (such as a 128 bit number).

Can you hash a file? ›

A message digest, or hash, is a signature that identifies some amount of data, usually a file or message. Cryptographic hashing algorithms are one-directional mathematical formulae designed to generate a unique value for every possible input-in this case, the data.

Can you hash any file? ›

A hash can be computed for any input, even for an empty input. Some tools may display the output of some hash function, other tools may not. If the file is large, it may take some time to compute, so tools may not display the hash immediately, only on-demand.


1. Break Free from Screen Staring with Algo Trading
(Moon Dev)
2. Cryptography: Hashing Methods
(Bill Buchanan OBE)
(Techno Gamerz)
4. Hashing a File - 1 Minute Python Tutorial #shorts
(Python In 1 Minute)
(Techno Gamerz)
(Techno Gamerz)


Top Articles
Latest Posts
Article information

Author: Jonah Leffler

Last Updated: 06/24/2023

Views: 5275

Rating: 4.4 / 5 (65 voted)

Reviews: 88% of readers found this page helpful

Author information

Name: Jonah Leffler

Birthday: 1997-10-27

Address: 8987 Kieth Ports, Luettgenland, CT 54657-9808

Phone: +2611128251586

Job: Mining Supervisor

Hobby: Worldbuilding, Electronics, Amateur radio, Skiing, Cycling, Jogging, Taxidermy

Introduction: My name is Jonah Leffler, I am a determined, faithful, outstanding, inexpensive, cheerful, determined, smiling person who loves writing and wants to share my knowledge and understanding with you.