Use different hashing algorithm/uuid for fingerprints #7

Kugelschieber · 2020-08-05T09:31:46Z

So that the fingerprint cannot be unhashed again.

This is not an issue as long as you (the user) don't decrypt the hashes and no one gets access to your database. Consumer IPs usually change after a while, as ISPs use IP pools for their customers.

Kugelschieber · 2020-08-07T23:06:50Z

Not worth the effort, because:

no untrusted person should get access to your database
fingerprints are dropped when processed
decrypting MD5 hashes, even if they are weak, takes effort and they only contain the IP and User-Agent of a visitor, which is toleratable

Kugelschieber self-assigned this Aug 5, 2020

Kugelschieber added this to the 1.1.1 milestone Aug 5, 2020

Kugelschieber changed the title ~~Use asymmetric hashing algorithm for fingerprint~~ Use different hashing algorithm/uuid for fingerprints Aug 5, 2020

Kugelschieber added the enhancement New feature or request label Aug 5, 2020

Kugelschieber modified the milestones: 1.1.1, 1.2.0 Aug 5, 2020

Kugelschieber closed this as completed Aug 7, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use different hashing algorithm/uuid for fingerprints #7

Use different hashing algorithm/uuid for fingerprints #7

Kugelschieber commented Aug 5, 2020 •

edited

Loading

Kugelschieber commented Aug 7, 2020

Use different hashing algorithm/uuid for fingerprints #7

Use different hashing algorithm/uuid for fingerprints #7

Comments

Kugelschieber commented Aug 5, 2020 • edited Loading

Kugelschieber commented Aug 7, 2020

Kugelschieber commented Aug 5, 2020 •

edited

Loading