Hash ip and metadata of bruteforce attempts

[J0WI]

How to use GitHub

• Please use the 👍 reaction to show that you are interested into the same feature.
• Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
• Subscribe to receive notifications on status change and new comments.

---

Is your feature request related to a problem? Please describe.
oc_bruteforce_attempts table leaks a lot of personal data like IP addresses combined with usernames and timestamps.

Describe the solution you'd like
Hash the IP and username with a oneway function before inserting it. This still allows Nextcloud to detect and block bruteforce attempts, while not storing any additional information.

Describe alternatives you've considered

• Delete old oc_bruteforce_attempts entries automatically #22993
• GDPR Compliance, use hashed IP addresses / user names suspicious_login#72

[rullzer]

Nope. The plan is still to use subnets as fallback at some point. Which we can't do if they are hashed.
Also it is only hiding the symptones. MD5-ing the ipv4 for example. You can still reverse it because your initial space is so small.

[rullzer]

But we should indeed cleanup old entries and only keep for how long we need them. Let me have a look at that

[rullzer]

See #23287

[J0WI]

The plan is still to use subnets as fallback at some point.

We can also compare hashes of subnets.

You can still reverse it because your initial space is so small.

Sure, but it raises the costs to do so. At least if not just plain MD5 is used.
It's easy to exclude IP addresses from logs but here the smallest possible needs to be stored to provide the functionality. The full address gives you more information than required.

[J0WI]

Closing due #23287