SHA-1 or Secure Hash Algorithm 1 is a cryptographic hash function which takes an input and produces a 160-bit (20-byte) hash value. This hash value is known as a message digest. This message digest is usually then rendered as a hexadecimal number which is 40 digits long. It is a U.S. Federal Information Processing Standard and was designed by the United States National Security Agency.
In 2005, SHA-1 was found to no longer be secure enough for ongoing use in high security environments. It was widely used for signing of SSL certificates, but is being phased out and will no longer be supported by many browsers by 2017.
SHA-1 is often used as a checksum algorithm. Text or files are fed into the MD5 algorithm and the resulting hash would change if the file had been changed. This is done to detect malicious tampering, or file corruption.
SHA-1 has also historically been used as a password hashing algorithm. Password hashing algorithms allow a password to be stored, in a website's database for instance, without having to store the actual password. This makes it more difficult to steal passwords, and if the hash is taken, the user's password is not necessarily compromised. When using a hashing algorithm for passwords it is wise to use "salt". With SHA-1, salt is added by concatinating a string unrelated to the password to the user supplied password string.