HS512 (HMAC-SHA512)
HS512 is the strongest common symmetric JWT algorithm, using HMAC with SHA-512. It recommends a 512-bit (64-byte) secret for parity with hash output size. HS512 produces longer signatures than HS256 but remains fast on modern hardware. It appears in high-security configurations and some government-adjacent compliance frameworks that specify SHA-512. Implementations across Node.js, Python, Go, Ruby, and Java follow the same RFC standards, so concepts transfer directly between stacks. Security reviews should treat this as part of your full authentication threat model, not an isolated configuration detail. Document expected behavior for client teams so tokens are issued, stored, and validated consistently across services.
Why It Matters
HS512 is rarely needed over HS256 for typical web APIs, but if your security baseline mandates SHA-512, use a full 512-bit random secret. Document algorithm choice across services — verifiers must pin HS512 explicitly to avoid confusion with weaker algorithms. Getting this wrong often surfaces only after an incident, when forged or replayed tokens expose gaps in validation or secret handling. Platform teams should encode these rules in libraries, linting, and deployment checklists so individual services cannot drift silently. Pair technical controls with monitoring: log verification failures, track unusual token lifetimes, and alert on spikes in 401 responses.
Code Example
{
"alg": "HS512",
"typ": "JWT",
"kid": "hs512-primary"
}Related Terms
Related Comparisons
Algorithm Guides
Related Tools
Related Articles
Frequently Asked Questions
When should I choose HS512?
When policy requires SHA-512 or you want maximum symmetric hash strength. HS256 suffices for most SaaS APIs. Consult your JWT library documentation for exact option names, defaults, and error types. When in doubt, prefer stricter validation and shorter token lifetimes over permissive shortcuts.
Does HS512 slow down APIs?
Slightly more CPU than HS256, but usually negligible compared to network and database latency. Consult your JWT library documentation for exact option names, defaults, and error types. When in doubt, prefer stricter validation and shorter token lifetimes over permissive shortcuts.
HS512 secret length?
Use 512 bits (64 bytes) of cryptographically random data. Do not reuse shorter HS256 secrets. Consult your JWT library documentation for exact option names, defaults, and error types. When in doubt, prefer stricter validation and shorter token lifetimes over permissive shortcuts.