SHA1 should no longer be used anymore
Everyone should switch to (in order of preference):
- BLAKE2b / BLAKE2s
- Any other SHA2-family hash function as a last resort
...unless they're storing passwords! In which case, they should switch to (in order of preference):
- Argon2id with memory >= 32MiB, >= 2 rounds, and >= 2 parallelism
- scrypt / yescrypt with memory >= 32 MiB, >= 4 rounds, and >= 1 parellelism
- bcrypt (for PHP devs, password_hash() and password_verify() does the trick)
- PBKDF2-SHA512 with 85,000 iterations as a last resort
But SHA1 should no longer be used anymore. No excuses.
― Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprises.