What does hashing an email address mean to you? Please be specific.
Comment on Plex got hacked.
NewNewAugustEast@lemmy.zip 1 month ago
Can someone finally realize we need to hash the emails too? I don’t really give a fuck about my passwords, I can change them and they have 2fa.
But changing my email? Pain in the ass and far more irritating to deal with.
ayyy@sh.itjust.works 1 month ago
buddascrayon@lemmy.world 1 month ago
I used a dump email account to set up my Plex so it really doesn’t matter if hackers have it.
NewNewAugustEast@lemmy.zip 1 month ago
I set mine up in 2012 maybe? So been a long time… But in general not just plex.
FreedomAdvocate@lemmy.net.au 1 month ago
Why would you need to change your email?
NewNewAugustEast@lemmy.zip 1 month ago
Having my email lost over the last thirty years, and aggregated and associated means that I get a constant barrage of spam and phishing attempts. Some are very clever. I don’t fall for them but it’s annoying and it does build a profile over time. It also makes hammering at my email server to force the password a constant.
Jason2357@lemmy.ca 1 month ago
Then how would they email you?
Look at addy.io and similar.
some_kind_of_guy@lemmy.world 1 month ago
Ideally, they wouldn’t
NewNewAugustEast@lemmy.zip 1 month ago
Decode like any other PII, so it is encrypted at rest and when stolen.
vithigar@lemmy.ca 1 month ago
Encryption and hashing are different things. You can’t get the original back out of a secure hash. They’re used only to confirm that whatever piece of data you have now matches the one that was provided originally, because they produce the same hash. You can’t store hashes for any data that you ever want to be able to read.
bountygiver@lemmy.ml 1 month ago
e-mail hasing is viable if you are only using your email for sign in and account recovery. Unfortunately it’s not happening because every service would also want to send you periodical emails about other stuffs.
NewNewAugustEast@lemmy.zip 1 month ago
Yeah I want thinking when I wrote that. But the idea still stands encrypt the emails.
frongt@lemmy.zip 1 month ago
So not hashed, and readable through whatever API accesses it anyway.
dogs0n@sh.itjust.works 1 month ago
I agree addy or simplelogin, etc are great.
I started using an email forwarding service when I setup a new email a few years ago and I still have zero spam, because as soon as one service sends one too many marketing emails that I can’t turn off, I simply disable the email alias I used with them (and enable it again if needed down the line).
This is the only way because no website, etc is gonna keep your email address safe and secure, because they don’t really care about you.
Using aliases everywhere also makes it hard to track you based on your email (assuming services share this between each other, advertisers, etc).