|
|
|
|
|
|
by alexey-salmin
771 days ago
|
|
|
argon2id with dynamic salt should effectively prevent this, but it will also not allow to tell if two users have the same e-mail or not -- which I suspect is the main reason for hashing in the first place. If equality-check is required to prevent e-mail reuse by spammers then argon2id with static salt rotated every few months will be reasonably strong too. Of course I have no idea if any of this is implemented or it's just sha256(email). Just replying to the question of general feasibility. |
|
|