Which algorithm should be preferred to minimize collision risk in security‑sensitive contexts?

In security-sensitive contexts, you want a hash function with strong collision resistance and a long enough output to make finding two different inputs that produce the same hash practically infeasible. MD4 and MD5 have known collision vulnerabilities, with MD5 widely considered broken for modern security use. SHA-1 also has practical collision demonstrations, which undermines its suitability for new security-critical applications. SHA-256, a member of the SHA-2 family, currently has no practical collision attacks known and provides a 256-bit output, which makes collisions computationally impractical to achieve. This combination of strong resistance to collisions and a larger hash size is why SHA-256 is the best choice for minimizing collision risk in secure contexts.