What Is a .onion Address?
If you have ever seen a web address that looks like a keyboard fell down the stairs — a long jumble of letters and numbers ending in .onion — you have seen a Tor hidden-service address. These are the addresses that directory pages like the Hidden Wiki try to catalog. Here is what they actually are.
Not a domain name — a cryptographic key
A normal web address like example.com is a friendly name that a domain registrar sold to someone. A .onion address works completely differently. It is derived directly from a cryptographic public key generated by the site’s operator. The address is the key, encoded as text.
For a different angle, see deep web versus dark web explained.
That is why they are so long (56 characters in the current version) and impossible to guess. Nobody “registers” a .onion name at a central authority; the math produces it. This design has a neat side effect: the address is self-authenticating. When you connect, Tor can verify the site truly holds the matching key, which helps prevent one site from impersonating another’s address.
Why they exist
The randomness is the point. Because the address comes from a key rather than a registry, a hidden service can:
- Prove its identity cryptographically, without certificates from an outside authority.
- Stay reachable without publishing the operator’s server location or IP.
- Resist tampering, since a changed address means a different key entirely.
The trade-off is obvious: nobody can remember abcd…wxyz.onion. That memorability gap is precisely why human-readable directories became popular in the first place — and why they are also easy to fake.
How to read one safely
Because the whole address is meaningful, a single wrong character points to a different site. Scammers exploit this by publishing addresses that look almost identical to a well-known one. A few habits help:
- Treat every character as significant — do not “eyeball” the middle of the string.
- Get addresses from a source you already trust, not from a random list.
- Remember that a valid, working .onion address still tells you nothing about whether the site is honest.
Frequently asked questions
Why are .onion addresses so long and random?
Because they are derived from a cryptographic public key. That randomness is what makes each address secure and self-authenticating.
Can you open a .onion link in a normal browser?
No. A .onion address only resolves inside the Tor network, so it needs Tor-capable software. An ordinary browser cannot reach it.