What is a SHA-1 hash?
SHA-1 (Secure Hash Algorithm, 1st version) is an algorithm which converts a given sequence of characters into another unique sequence of characters, with a fixed length, called a "hash".
For instance, the SHA-1 hash of the word password is 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8.
These hashes are mostly used to validate file integrity, to protect sensitive data (like passwords), and to generate unique identifiers.
Is it secure?
SHA-1 hashes are theoretically impossible to reverse directly, i.e., it is not possible to retrieve the original string from a given hash using only mathematical operations.
Most web sites and applications store their user passwords in databases as SHA-1 hashes.
This method appears to be safe, as it seems impossible to retrieve the original user passwords if, say, a hacker manages to have a look at the database content.
Unfortunately, there is a way to reverse a SHA-1 hash: using a dictionary populated with strings and their SHA-1 counterparts.
As most users use very simple passwords (like "123456", "password", "abc123", etc.), SHA-1 dictionaries make them very easy to retrieve.
This website uses a SHA-1 reverse dictionary containing several million entries, which you can use with SHA-1 hashes from your application.
If some of the hashes you enter can be reversed, consider using another way of generating hashes, such as stronger algorithms (SHA-2, Whirlpool, etc.), combining algorithms, and using a "salt".
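The following added example (not code from this website) audits a set of stored SHA-1 hashes against a small reverse dictionary and then shows why a salted hash defeats the same lookup. The word list, the account names and the choice of PBKDF2-HMAC-SHA256 with 200,000 iterations as the salted SHA-2 scheme are assumptions of the example.

```python
import hashlib
import hmac
import os

# Constructed sample word list; a real reverse dictionary holds millions of entries.
COMMON_PASSWORDS = ["123456", "password", "abc123"]

def sha1_hex(text):
    """Unsalted SHA-1 of a string, as 40 hex characters."""
    return hashlib.sha1(text.encode("utf-8")).hexdigest()

def build_reverse_dictionary(words):
    """Map each SHA-1 digest back to the string that produced it."""
    return {sha1_hex(w): w for w in words}

def audit_hashes(stored, reverse_dict):
    """Return {account: recovered password} for every stored hash found in the dictionary."""
    return {user: reverse_dict[h.lower()]
            for user, h in stored.items() if h.lower() in reverse_dict}

def hash_with_salt(password, salt=None, iterations=200_000):
    """Salted, iterated SHA-2 hash (PBKDF2-HMAC-SHA256, this example's choice)."""
    salt = os.urandom(16) if salt is None else salt  # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest

def verify_with_salt(password, salt, iterations, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, _, digest = hash_with_salt(password, salt, iterations)
    return hmac.compare_digest(digest, expected)

if __name__ == "__main__":
    reverse_dict = build_reverse_dictionary(COMMON_PASSWORDS)
    # Constructed sample of an application's password table (account -> SHA-1 hex).
    stored = {
        "alice": sha1_hex("password"),
        "bob": sha1_hex("Tr4!nsit-Velvet-Gate"),
    }
    for user, recovered in audit_hashes(stored, reverse_dict).items():
        print(f"{user}: hash is in the reverse dictionary (weak password: {recovered!r})")

    # The same weak password, salted twice, gives two unrelated digests,
    # so one precomputed table can no longer cover every account.
    salt_a, iters, digest_a = hash_with_salt("password")
    salt_b, _, digest_b = hash_with_salt("password")
    print("salted digests differ:", digest_a != digest_b)
    print("in reverse dictionary:", digest_a.hex() in reverse_dict)
    print("verifies with stored salt:", verify_with_salt("password", salt_a, iters, digest_a))
```

A salt does not make a weak password strong: it forces the dictionary to be recomputed per account, and the iteration count makes each guess expensive.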