How to not store email addresses

Robin Siudzinski

E-Mail Addresses are sensitive data. To avoid the leak of user-mail-addresses during a data breach, one can implement a protection, used for passwords for years: Hashing.
A hashed mail address can’t be misused easily after a data leak, but it cannot be used easily by the site owner either.
However, basic functions like login, registration and password reset are still possible.

What sites can profit from hashed mail addresses and is it worth losing some functionality over security? And how can this be implemented in Drupal, without breaking it?

When & Where

Time: 
Thursday, 22 September, 2022 - 16:15 to 17:00
Room: 
Room D2