Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
I heartily endorse this product and/or service.

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


   

Please log in.
Before you can vote, you need to register. Please log in or create an account.

Hash email addresses in the database

 so when the database is stolen, they're not revealed
  (+4)
(+4) 		  [vote for,
against]

Many websites register their users using a username, email and password.
It's good practice to protect the password in the database using a hash, in combination with a salt (a packet of random data). This prevents the password from being recovered by criminals.

However, the email address is also useful for criminals in isolation. If they get a list, they will send spam and scams.

I propose therefore that the email address could also be hashed.

Because we need to search the list, we can't add a salt to the email hash, unfortunately. However, we can make the values specific to this database by adding "pepper" - that is, a packet of data which is unique to the website - perhaps the website name and a brief description.

How it works in practice:
Remember username and password - just log in
Remember email and password - just log in
Remember email and username - request password reset. Go to your email - if the email hash matches and the username is for that account, the address you gave will be sent an email - click the link, enter new password.

Remember just your username - you're locked out.
Remember just your password - you're locked out.
Remember just your email - you're locked out.

But but but - what happens if two email addresses 'collide' in the hash?
This is unlikely if the hash is long, and strong enough. However, it doesn't matter; every matching record can be checked to see if the username or (hashed)password matches.
That is - usernames are unique, so if the username is supplied this is unambiguous. Passwords also really ought to be unique, so if they collide too something has really gone wrong.

One potential down-side of this scheme is that normally you can request a password reset with just your email. To mitigate this, I propose that when you register an account, or change email addresses, you would get an email which states your chosen username. Keep hold of that and you won't get into this situation.

This system has the side-effect that the website doesn't know your email address, and therefore can't email you without you giving it to them again. Some may see this as an advantage.

Loris, Oct 30 2024

[link]






       I don't understand any of the technical stuff but if it can prevent the bastards from weaseling their way into my life, I'm in! [+]
minoradjustments, Oct 30 2024
   
      
[annotate]
   


 

back: main index
business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle