Create Hash-based Message Authentication Codes (HMAC) for text messages and files. HMAC provides a secure way to verify both the data integrity and authenticity of a message using a secret key.
Generate HMAC signatures using multiple algorithms including SHA-256, SHA-512, and more
HMAC (Hash-based Message Authentication Code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. It provides a way to verify both the data integrity and the authenticity of a message.
HMAC (Hash-based Message Authentication Code) is a cryptographic technique that uses a secret key and a cryptographic hash function to generate a message authentication code. It works by combining the message with the secret key and then applying the hash function to produce a fixed-size output that can be used to verify both the integrity and authenticity of the message.
For most security applications, SHA-256 is recommended as it provides a good balance between security and performance. SHA-512 offers higher security but may be slower. MD5 and SHA-1 should be avoided for security-critical applications as they have known vulnerabilities.
Yes, all processing happens locally in your browser. Your messages, files, and secret keys are never sent to any server. The tool uses the Web Crypto API available in modern browsers to perform the cryptographic operations securely.
Hex output represents the HMAC as a string of hexadecimal characters (0-9, A-F), while base64 output encodes the binary HMAC result using a 64-character alphabet. Base64 is more compact (about 33% smaller) but may contain characters that need special handling in URLs. The URL-safe option replaces problematic characters with URL-safe alternatives.
Yes, HMAC is commonly used for API authentication. You can generate HMAC signatures for API requests using this tool to test your implementation. However, for production use, you should implement HMAC generation directly in your application code rather than using a web tool.