|
|
|
|
|
|
by Retr0id
771 days ago
|
|
|
> Due to the hash functions being one-way, we cannot derive your data back from the hash This isn't true in practice. It's not hard to build a big list of ~every email address (give or take), and have a GPU churn through them all until you get a match. If you've ever received a spam email, your email address is on such a list. |
|
|
If equality-check is required to prevent e-mail reuse by spammers then argon2id with static salt rotated every few months will be reasonably strong too.
Of course I have no idea if any of this is implemented or it's just sha256(email). Just replying to the question of general feasibility.