This is a look-up tool for typical unsalted MD5 cryptographic hashes. The database currently contains 1.1+ trillion passwords.

To use this service, please use the the dedicated API.

Attention Sorry for the intermittent downtimes recently. There are some hardware faults that are causing some processes to stop working as expected. Currently running at a reduced capacity in effort to keep a more reliable uptime until replacement hardware is installed. All submissions that have been cracked previously will still be available instantly, but submissions that have never been seen before will not. This makes up a tiny portion of total requests. They will still be cracked but at a later time.

Not currently live! It will be soon!

There is a grandtotal of 233,878,861,911 user hash requests made to this database, 197,781,783 are of unique hashes (about 0% of grandtotal). Out of the grandtotal number of requests, 216,664,636,787 were successful or cracked (about 92%). Regardingly only unique hashes, 158,882,156 were successful or cracked (about 80%).

Main article: MD5 Database — Information
Main article: MD5 Database — API

Regular visitors may notice results showing in the table above as being found by "nitrx-gpu", these are cracked locally by GPU power in real time. When a hash you submit is not found, it will be queued for GPU cracking at some point in the future. Only when it is cracked by GPU will your unfound hash become found for the next time it's requested. The moment it gets cracked, it will appear in the table above. Similarly with passwords as "# NOT MD5 #" means the hash was cracked but not using the MD5 algorithm and will not be displayed.

The only data stored as a result of using this tool is the MD5 hash you willingly submit. Invalid form/API inputs are stored for the sake of monitoring unknown/malicious behaviour. Such things like IP addresses, cookies, HTTP headers, anything about you, your client or your connection, etc. are NOT stored.

Do not contact me about hacking or accessing online accounts for any reason. Do not ask to access the list of passwords or hashes users submit. I do not condone any illegal or malicious activity; do not use this tool if that is your intention. Read more in the main article links above.

This page loads an external script from Google called reCAPTCHA v3 which is used to collect behavioural information of requests to determine if they're real users or bots. This information will eventually be used in new and upcoming features to combat automated requests from bots as it may place unwanted load on the server. For more information about Google's reCAPTCHA, please view Google's Privacy Policy and Terms of Service.