I tried to find a similar question but I did not find a question describing my exact scenario and I am still puzzled if the following actually makes an application more secure.
I have legacy passwords stored with SHA1 and a common salt imported to my system. If the user logs in, I am able to rehash the password itself with a stronger algorithm - that's fine. But for the import I want to hash the SHA1-hash again with SHA256 (or better bcrypt) and an individual salt and afterwards remove the SHA1-hash - in my understanding this should increase the security as I increase entropy by adding an individual salt and using a stronger hashing algorithm. Is this correct or does the decreased entropy from SHA1 remain when doing this?