• Home
  • News
  • SHA-1 no longer accepted by Google, Mozilla and Microsoft

SHA-1 no longer accepted by Google, Mozilla and Microsoft

The SHA-1 hashing algorithm will no longer be supported by the major browsers on the market. Google has announced that Chrome will start blocking off the websites that still use this system starting with January 2017. In a similar statement, Microsoft announced that Edge and Internet Explorer will no longer accept these certificates starting with February 2017. Finally, Mozilla's Firefox will stop sites using SHA-1 from loading beginning with spring of 2017.

In case you don't know what SHA-1 is or why you should care, I'm going to tell you: it's a cryptographic hash function that many websites still use in order to encrypt the data being transmitted on them. Unfortunately, this system is now obsolete and unreliable as it allows hackers to perform spoofing, man-in-the-middle and phishing attacks. Even though there are many better hashing solutions available such as SHA-2 or SHA-3, many websites still use SHA-1 certificates, which puts the user at risk. However, since most people don't even know what SHA-1 or hashing algorithms are, companies like Google, Mozilla and Microsoft have decided that they have an obligation to protect their customers. This means that websites that haven't moved on from SHA-1 security certificates will be walled off by the major browsers.

If security and privacy are topics that interest you, you may also want to read some of our other stories like: "The dangers of using "anti-spying" tools for Windows 10" or "All you need to know about updating router's firmware".