HomeBlogWhat Is a .onion Address?
How it works

What Is a .onion Address?

Published Mar 9, 2026 · Updated July 11, 2026 · 6 min read

abcd…wxyz.onion

If you have ever seen a web address that looks like a keyboard fell down the stairs — a long jumble of letters and numbers ending in .onion — you have seen a Tor hidden-service address. These are the addresses that directory pages like the Hidden Wiki try to catalog. Here is what they actually are.

Not a domain name — a cryptographic key

A normal web address like example.com is a friendly name that a domain registrar sold to someone. A .onion address works completely differently. It is derived directly from a cryptographic public key generated by the site’s operator. The address is the key, encoded as text.

http://example2w4x…longrandomstring…q7id.onion

That is why they are so long (56 characters in the current version) and impossible to guess. Nobody “registers” a .onion name at a central authority; the math produces it. This design has a neat side effect: the address is self-authenticating. When you connect, Tor can verify the site truly holds the matching key, which helps prevent one site from impersonating another’s address.

Why they exist

The randomness is the point. Because the address comes from a key rather than a registry, a hidden service can:

The trade-off is obvious: nobody can remember abcd…wxyz.onion. That memorability gap is precisely why human-readable directories became popular in the first place — and why they are also easy to fake.

How to read one safely

Because the whole address is meaningful, a single wrong character points to a different site. Scammers exploit this by publishing addresses that look almost identical to a well-known one. A few habits help:

A .onion address only resolves inside the Tor network. Pasting one into an ordinary browser simply won’t work — that is expected behavior, not an error.

Frequently asked questions

Why are .onion addresses so long and random?

Because they are derived from a cryptographic public key. That randomness is what makes each address secure and self-authenticating.

Can you open a .onion link in a normal browser?

No. A .onion address only resolves inside the Tor network, so it needs Tor-capable software. An ordinary browser cannot reach it.