Hash & checksums
File Checksum Generator
Generate MD5 and SHA-256 checksums for local files without uploading them.
The file stays in your browser. Nothing is uploaded.
How to use this tool
Drop a local file into the checksum generator.
Lumio reads the file in your browser and calculates MD5 and SHA-256 digests without uploading it.
Compare the digest with a trusted checksum from a release page, artifact store, or teammate.
Why file checksums matter
A checksum helps confirm that a downloaded file, build artifact, backup, or exported package did not change unexpectedly.
It is useful for release verification, support debugging, and comparing files across systems.
Use a checksum from a trusted source; a checksum shown next to a compromised file does not prove safety by itself.
MD5 versus SHA-256 for files
MD5 is fast and common in legacy workflows, but it is not collision-resistant enough for security-sensitive verification.
SHA-256 is the better default for modern file integrity checks.
For signed releases, verify the signature as well as the checksum when the publisher provides one.
Examples
Verify a download
After downloading a release archive, compare its SHA-256 checksum with the value published by the project.
Compare two exports
If two exported files should be identical, matching SHA-256 checksums are a strong signal that the bytes match.
FAQ
Is the file uploaded for hashing?
No. The file is read and hashed locally in your browser.
Which checksum should I trust more?
Prefer SHA-256 for modern integrity checks. MD5 is mainly for legacy compatibility.
Can a checksum prove a file is safe?
Not alone. It proves the bytes match a reference value. The reference value itself must come from a trusted source.
Can I hash large files?
Browser memory and device performance can limit very large files. For huge artifacts, local command-line tools may be more reliable.