Replying to Avatar utxo the webmaster πŸ§‘β€πŸ’»

If I sha256 hash your IP on my site to identify you, does that count as tracking your IP? πŸ€”
Avatar
ContrarianAgrarian 2y ago

Do I get to set a password and salt? I trust you are a good actor but I’d rather whatever is developed doesn’t require trust in the host or a third party to not have a rainbow table for IP addresses.

Reply to this note

Please Login to reply.

Discussion

Avatar
utxo the webmaster πŸ§‘β€πŸ’» 2y ago

This would be for unauthenticated users trying to brute force sign ups or logins, once you're logged in I identify you with the email you used.

Avatar
ben 2y ago

rate limiting by ip is common and good

Avatar
utxo the webmaster πŸ§‘β€πŸ’» 2y ago

We still gonna hash it and maximum cache for 1 minute, I think it's a reasonable trade off.

Avatar
ContrarianAgrarian 2y ago

Seems reasonable enough.

Avatar
ContrarianAgrarian 2y ago

Email? Will users be able to sign up with an npub? 😁