A checksum is a hash value generated and shared by the developer of the software. It is a brief, unique string that is produced after an encryption algorithm has been applied to a given file. The technique examines every bit in a file and generates a checksum based on those distinct bits.
In this guide, we will explore how to verify MD5, SHA-1, and SHA-256 checksums in a Windows environment to ensure the files you’ve obtained are accurate and unaltered.
How to Verify the MD5, SHA-1, and SHA-256 Checksum in Windows?
To verify the MD5, SHA-1, and SHA-256 Checksum in Windows, follow these steps:
Step 1: Open the Command Prompt
Use the Windows Start menu, search cmd and hit Run as administrator:
Step 2: Navigate the Folder
You have to navigate to the folder where your file is stored and you have to use the cd command for navigation.
Step 3: Run the Command
Inside the folder, navigate to file and run the following command:
MD5: MD5 is a cryptographic protocol or the hash function algorithm that works by taking the input (as a message) of any specified length and converting it into the message of 16 bytes (fixed):
certutil -hashfile <File Name> MD5
For example, to check the MD5 hash of the file vlc-3.0.18-win32.exe, you would run the following command:
certutil -hashfile vlc-3.0.18-win32.exe MD5
SHA1: MD5 is a cryptographic protocol or the hash function algorithm that works by taking the input (as message) of any specified length and converts it into the message of 160-bit (20-byte) hash value. To check the SHA1 for the vlc, use the following command:
|certutil -hashfile vlc-3.0.18-win32.exe SHA1|
SHA256: SHA256 is a part of the SHA2 family. It is a cryptographic algorithm that takes an input and produces a 256-bit hash value:
|certutil -hashfile vlc-3.0.18-win32.exe SHA256|
Compare the Two Checksums
Now compare the checksum which you have created with the checksum generated on the vendor page. If both checksums match then this is well and good, if does not match it means there are some issues with the file:
Checksum generated on the vendor page:
Checksum generated on the command prompt:
Using Third-party Applications
You can also compare checksum by using a third-party application. They are easy to use as compared to using a command prompt. MD5 & SHA Checksum Utility is a tool that lets you verify the integrity of a file by finding out its MD5, SHA-1, SHA-256, and SHA-512 signatures. To download the MD5 & SHA click on the link:
Once the downloading is completed, click on the “Download and install this Feature” :
Wait to complete the process, once completed Click on the Close Button:
Verify the Checksum
Now open the checksum utility and select the file you want to check:
Paste the hash which is provided by the developer in the hash text box and click on the Verify button:
A pop message will appear to verify, whether it is a match or not”:
To Verify MD5, SHA-1, and SHA-256 Checksum, use the certutil -hashfile <File Name> MD5 command in the Windows Command Prompt. Use third-party utilities to verify the authenticity of the file. Whether you’re downloading software, sensitive documents, or any other files from the internet, following these steps will help you maintain the integrity of your digital assets.