Question

I'm developing an application where users can search for other users that are already registered with their email. But because I don't want people to send me the addresses of their whole contact book in plaintext I was thinking about some SHA512 magic:

The client appends every email to itself:

hash = sha512(email + email)

And the server is doing the very same thing when registering a new user. (Once an email is registered I will store it plaintext as well as hashed for database lookups and account recovery and stuff)

Please note that this is nothing critical. I just want to make sure that you can't check those emails by simply googling the hash or by mathematical calculations based on how sha512 works. Just in case my database gets leaked.

Should this do the job (or is it completely useless in comparison to a simple sha512 hash?). Or is there a better approach to get this?

Thanks in advance

Solution

This is useless compared to a simple hash.
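
Why the doubled input adds nothing over a plain hash, as an added example that is not part of the original answer: both functions are public, unsalted and deterministic, so a leaked digest column matches a list of candidate addresses equally well under either scheme. The function names and sample addresses are constructed for illustration.

```python
import hashlib


def simple_hash(email: str) -> str:
    """Plain SHA-512 of the address."""
    return hashlib.sha512(email.encode("utf-8")).hexdigest()


def doubled_hash(email: str) -> str:
    """The scheme from the question: sha512(email + email)."""
    return hashlib.sha512((email + email).encode("utf-8")).hexdigest()


def recover(leaked_digests, candidates, scheme):
    """Map leaked digests back to addresses by hashing a candidate list.

    Cost is one hash call per candidate, whichever scheme is used.
    """
    table = {scheme(c): c for c in candidates}
    return {d: table[d] for d in leaked_digests if d in table}


# Constructed sample data: addresses stored in the database, and a list of
# addresses someone holding the leaked digests might already know.
REGISTERED = ["alice@example.com", "bob@example.org", "carol@example.net"]
CANDIDATES = ["alice@example.com", "bob@example.org",
              "dave@example.com", "erin@example.org"]


def compare():
    """Return the addresses recovered from a leak under each scheme."""
    results = {}
    for name, scheme in (("simple", simple_hash), ("doubled", doubled_hash)):
        leaked = [scheme(e) for e in REGISTERED]
        results[name] = sorted(recover(leaked, CANDIDATES, scheme).values())
    return results


if __name__ == "__main__":
    for name, found in compare().items():
        print(f"{name:8s} -> {found}")
```

The digests differ between the two schemes, so a lookup of the plain hash in a public table would miss, but the set of addresses exposed by a leak is identical once the doubling step is known, and it is known to every client.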

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow