BlogWhat Size JWT Secret Do I Need? Key Length Explained
·Updated July 7, 2026·10 min read·JWTSecrets Team

What Size JWT Secret Do I Need? Key Length Explained

Answer the most common JWT secret sizing question — how many bits, bytes, and characters you need for HS256, HS384, and HS512.

What Size JWT Secret Do I Need? Key Length Explained

"How long should my JWT secret be?" is one of the most searched JWT security questions. The answer depends on your signing algorithm — but for the vast majority of applications, the answer is simple: 256 bits.

The Short Answer

AlgorithmMinimum Secret SizeHex CharactersBytes
-------------------------------:---------------:------:
HS256256 bits6432
HS384384 bits9648
HS512512 bits12864

If you are using HS256 (the most common choice), generate a 256-bit (32-byte) random secret. That is 64 hexadecimal characters.

Why 256 Bits Is Enough

A properly random 256-bit key has 2^256 possible values. Even at a trillion guesses per second, brute-forcing a 256-bit secret would take longer than the age of the universe. NIST recommends a minimum of 128 bits for symmetric keys; 256 bits provides a comfortable security margin.

The real risk is not key length — it is using predictable secrets, reusing secrets across environments, or storing them insecurely.

When to Use 512 Bits

Use a 512-bit secret when:

  • You are signing with HS512 (the HMAC block size aligns with 512-bit keys)
  • Compliance requirements mandate longer key material
  • You want defense-in-depth in high-security or regulated environments

For standard HS256 production use, 512-bit secrets offer no practical security benefit over 256-bit — they just take more storage space.

How to Generate the Right Size

Use the JWT Secret Generator and select the preset that matches your algorithm:

  • 128-bit — testing only, never production
  • 256-bit — standard production (HS256)
  • 512-bit — HS512 or high-security environments
// Node.js: 256-bit secret for HS256
const secret = require('crypto').randomBytes(32).toString('hex');

What NOT to Use

  • Passphrases or dictionary words ("my-super-secret-key")
  • UUIDs or short random strings (< 128 bits)
  • Base64-encoded short passwords
  • The same secret you use for other purposes (database encryption, API keys)

Bits, Bytes, and Characters Explained

Developers often confuse these units. Here is how they map for hex-encoded secrets:

  • 256 bits = 32 bytes = 64 hexadecimal characters
  • 512 bits = 64 bytes = 128 hexadecimal characters

When you see a 64-character hex string from the JWT Secret Generator, you have 256 bits of entropy. A 32-character string is only 128 bits — half the recommended minimum for HS256 production use.

Compliance and Industry Guidance

Standard / SourceMinimum Symmetric Key Size
NIST SP 800-131A128 bits (112 effective)
OWASP JWT Cheat Sheet256 bits for HS256
RFC 7518 (JWA)Key size >= hash output size

Regulated industries (HIPAA, PCI-DSS, SOC2) often require documented key management procedures. Using 256-bit random secrets satisfies the cryptographic requirement — but auditors also expect rotation policies, access controls, and secrets manager usage. Read how to store JWT secrets securely for storage patterns that satisfy compliance reviews.

Testing Your Key Size in Practice

After generating a secret, sign a test token and verify it:

const jwt = require('jsonwebtoken');
const secret = process.env.JWT_SECRET;
console.log('Secret length (hex chars):', secret.length); // expect 64 for 256-bit
const token = jwt.sign({ test: true }, secret, { algorithm: 'HS256', expiresIn: '5m' });
jwt.verify(token, secret, { algorithms: ['HS256'] }); // throws if invalid

Paste the token into the JWT Validator to confirm the signature and inspect the decoded payload. If verification fails, check that your secret has no trailing whitespace or newline characters from copy-paste.

Real-World Scenarios

Startup MVP: 256-bit HS256 secret in platform environment variables. Rotate manually when team members leave.

Growing SaaS: Move to AWS Secrets Manager or Doppler. Automate rotation with the kid header. Keep 256-bit keys — upgrading to 512-bit adds no practical benefit for HS256.

High-security API: HS512 with 512-bit secrets, short token TTL (15 minutes), refresh token rotation, and audience validation on every request.

Verify Your Setup

After generating a secret, sign a test token and verify it with the JWT Validator. Read the full key length comparison for deeper technical detail.

Related Guides

Summary

For HS256 — the default choice for most APIs — use a 256-bit (64-character hex) randomly generated secret. This applies to virtually every web application, mobile backend, and internal service. Upgrade to 512-bit only for HS512 or explicit compliance requirements. The JWT Secret Generator defaults to the correct size for your selected algorithm. When in doubt, choose 256 bits in production. Shorter secrets are the most common cause of offline JWT cracking attacks.

Written by

JWTSecrets Team

Editorial Team

The JWTSecrets editorial team writes practical guides on JWT authentication, cryptographic key management, and browser-based security tooling. Our content is reviewed against IETF RFCs and current library documentation.