How to Check SHA1 Hash of a String
Do you need to check the sha1 hash of a string? You can easily find the sha1 hash of any string from the command line, and this trick works to check sha1 hash from Mac OS or Linux.
We’ll use the openssl command to
Check SHA1 Hash of a String
Here is how to check the SHA1 digest of any text string, in this example we’ll use a password but you can use any text string. Launch Terminal and enter the following command:
echo -n "yourpassword" | openssl sha1
The output will look something like this:
(stdin)= b48cf0140bea12734db05ebcdb012f1d265bed84
That is the sha1 checksum of “yourpassword”, obviously change “yourpassword” to your actual password to see its hash. Likewise you can change this to any string, so if you want to check the sha1 hash of “ILoveStarWars81” then that simply plug that into the syntax.
This might look something like the following at a Terminal window:
Outside of this example, checking a SHA1 hash is frequently used to verify file or string integrity, which we’ve covered on several occasions before.
For some background, this can be helpful for discovering security issues. For exaaple, if you use LinkedIn you’ve probably heard by now that a major security breach occurred with over 6.5 million user passwords stolen and leaked to the web. The first thing you should do is change your password on that site, but if you want to see if your password was among those leaked you’d need the SHA1 hash of the password itself.
You could use that output to compare it against a list of leaked passwords in the recent LinkedIn example, but ultimately this can be used to verify any sha1 checksum.
Thank you for your enormously helpful tip. I’m still very green (fumbling) with the command line and your post not only helped with an immediate need (thank you LinkedIn) but affirmed my modestly growing intuition that checking a hash string is probably somethin’ that can be handled natively in terminal. It also helped comparing your command line against openssl’s ‘man’ documentation. Nice
Be sure to add a space character in front of your commandline, that way your password won’t get saved in ~/.bash_history (assuming fairly normal linux setup – probably same on OSX?)
Excellent timely advice. I’d recommend using the following command instead however, it removes the first 6 characters from the output:
echo -n “mypassword123” | shasum | cut -c6-40