Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add salt to hashed PII #288

Open
Bento007 opened this issue Oct 14, 2019 · 1 comment
Open

Add salt to hashed PII #288

Bento007 opened this issue Oct 14, 2019 · 1 comment
Assignees
@Bento007

Comments

@Bento007
Copy link
Member

Bento007 commented Oct 14, 2019
edited
Loading

Currently the key used for linking object in cloud directory is a hash of the users name. Sometimes the users name is the user's email which is considered personally identifiable information (PII). To prevent a malicious user who has access to the directory from guess the users hash in cloud directory a random secret key must be added to all emails before hashing. This will make it more difficult for someone to guess the users hash. This will involve migrating existing users in the data base to a salted hash.
@Bento007 Bento007 self-assigned this Oct 14, 2019
@Bento007
Copy link
Member Author

The DCP AWS account must first be compromised before cloud directory can be compromised. This is a low risk issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Bento007 Bento007

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Bento007