Google have announced that they are going to gradually sunset the SHA-1 support within their Chrome browsers as security of this hash is quite weak.
This is another example of many web companies starting to take security very seriously.
We at Concep constantly review our own systems to ensure that we are as up to date with current security practice as possible.
I truly feel that online security is turning a corner as consumers are starting to take notice of how and where their data is held due to amount of high profile data losses within the last year.
The SHA-1 cryptographic hash algorithm has been known to be considerably weaker than it was designed to be since at least 2005 — 9 years ago. Collision attacks against SHA-1 are too affordable for us to consider it safe for the public web PKI. We can only expect that attacks will get cheaper. That’s why Chrome will start the process of sunsetting SHA-1 (as used in certificate signatures for HTTPS) with Chrome 39 in November. HTTPS sites whose certificate chains use SHA-1 and are valid past 1 January 2017 will no longer appear to be fully trustworthy in Chrome’s user interface.