diff --git a/src/Auth/DigestAuthenticate.php b/src/Auth/DigestAuthenticate.php
index ff8437ff3cc..72aa795edde 100644
--- a/src/Auth/DigestAuthenticate.php
+++ b/src/Auth/DigestAuthenticate.php
@@ -86,7 +86,7 @@ public function __construct(ComponentRegistry $registry, array $config = [])
 {
 $this->setConfig([
 'nonceLifetime' => 300,
- 'secret' => Configure::read('Security.salt'),
+ 'secret' => Security::getSalt(),
 'realm' => null,
 'qop' => 'auth',
 'opaque' => null,
@@ -277,7 +277,7 @@ protected function validNonce($nonce)
 if ($expires < microtime(true)) {
 return false;
 }
- $check = hash_hmac('sha1', $expires . ':' . $this->getConfig('secret'), $this->getConfig('secret'));
+ $check = hash_hmac('sha256', $expires . ':' . $this->getConfig('secret'), $this->getConfig('secret'));
 return hash_equals($check, $checksum);
 }
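Review bot: `'secret' => Security::getSalt()` requires `Cake\Utility\Security` to be imported in this file's `use` block, which lies outside the hunk; if the file previously imported only `Cake\Core\Configure`, this line now references an unresolved class. The replaced `Configure::read('Security.salt')` silently returned null when no salt was configured, in which case the nonce HMAC in validNonce ran with an empty key; whether `getSalt()` fails loudly in that situation depends on its contract, so a constructor guard such as `if (empty($this->getConfig('secret'))) { throw new \RuntimeException('DigestAuthenticate requires a non-empty secret'); }` would make the misconfiguration visible instead of weakening nonce validation. The constructor continues outside the hunk.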
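Review bot: The algorithm change in `$check = hash_hmac('sha256', ...)` covers only verification; the nonce issuer (presumably generateNonce, not visible in this diff) must compute the checksum with the same algorithm or every nonce is rejected after this change, and sha1 nonces issued before deployment will fail until they age out of the 300-second nonceLifetime. Keeping both sides in sync is easier with one class constant, e.g. `private const NONCE_HASH_ALGO = 'sha256';`, referenced from both the issuing and validating code. validNonce begins outside the hunk.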