It's not just a "good" hash algorithm, it has to be one that cannot be made to behave in a way predictable to an attacker.

Picking a new secure random seed value at startup time and prepending it to every hashed value is generally what you need to do.