diff --git a/.gnupg/gpg.conf b/.gnupg/gpg.conf
index 141c2f0e..d862412e 100644
--- a/.gnupg/gpg.conf
+++ b/.gnupg/gpg.conf
@@ -1,4 +1,9 @@
 keyserver hkp://pgp.mit.edu
 keyserver-options auto-key-retrieve
-with-fingerprint
-with-keygrip
\ No newline at end of file
+# with-fingerprint
+with-keygrip
+## SHA1 is too weak.
+## https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html
+personal-digest-preferences SHA256
+cert-digest-algo SHA256
+default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
\ No newline at end of file