
SHA256 hashing email addresses for GDPR reasons


This is a followup on the previous post C# Mask email address for GDPR reasons, where user Inspector Cluedget pointed out that masking (replacing characters with *) an email address in the log file is the least safe of the data masking approaches available.

This extension method will SHA256 hash the email address and add a fake domain name (to make the string look like an email address).

THE EXTENSION METHOD:

    using System.Security.Cryptography;
    using System.Text;

    namespace MyNamespace
    {
        public static class StringFormatter
        {
            // Replaces the address with its SHA256 hash plus a fake domain name.
            public static string MaskEmail(this string s)
            {
                return SHA256(s) + "@domain.com";
            }

            // Returns the SHA256 digest of s as lowercase hex.
            private static string SHA256(string s)
            {
                using (SHA256Managed sha256 = new SHA256Managed())
                {
                    StringBuilder hash = new StringBuilder();
                    byte[] hashArray = sha256.ComputeHash(Encoding.UTF8.GetBytes(s));
                    foreach (byte b in hashArray)
                    {
                        // "x2" keeps leading zeros, so every byte yields two hex digits.
                        hash.Append(b.ToString("x2"));
                    }
                    return hash.ToString();
                }
            }
        }
    }

USAGE:

    using MyNamespace;

    public void TestMethod()
    {
        string email = "someperson@somedomain.com";
        string maskedEmail = email.MaskEmail();
        // result: 64 lowercase hex characters followed by "@domain.com"
    }

WHY?

With the new GDPR rules you must be very careful when storing emails or other personal information anywhere, including your log files. And you should never give out a log file containing email addresses to a third party, even when this third party is “just helping you with a totally unrelated code bug elsewhere”.

There are many approaches to ensure GDPR compliance. The best way is to remove any personal data from any log file. This is not always possible, feasible or practical, which is why pseudonymization or data masking approaches will come in handy.
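An unkeyed SHA256 of an email address can be matched by anyone who hashes a list of candidate addresses, so a keyed hash is the stronger form of the same pseudonymization. The following is an added example, not code from the original post: it swaps the plain hash for HMAC-SHA256 with a secret key and applies it to whole log lines. The names `EmailPseudonymizer`, `Pseudonymize` and `ScrubLine`, the regex, the demo key and the log line are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;

public static class EmailPseudonymizer
{
    // Simple matcher for addresses in log text (assumption: adequate for typical log lines).
    private static readonly Regex EmailPattern =
        new Regex(@"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}", RegexOptions.Compiled);

    // HMAC-SHA256 of the normalized address, hex-encoded with two digits per byte.
    public static string Pseudonymize(string email, byte[] key)
    {
        if (email == null) throw new ArgumentNullException(nameof(email));
        if (key == null || key.Length < 32)
            throw new ArgumentException("Key must be at least 32 bytes.", nameof(key));

        // Normalize so "Bob@Example.com " and "bob@example.com" map to the same pseudonym.
        string normalized = email.Trim().ToLowerInvariant();
        using (var hmac = new HMACSHA256(key))
        {
            byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(normalized));
            var hex = new StringBuilder(mac.Length * 2);
            foreach (byte b in mac) hex.Append(b.ToString("x2"));
            return hex.ToString() + "@domain.com";
        }
    }

    // Replaces every address found in a log line with its pseudonym.
    public static string ScrubLine(string line, byte[] key)
    {
        return EmailPattern.Replace(line, m => Pseudonymize(m.Value, key));
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed 32-byte key for the demo only; a real key comes from a secret store.
        byte[] key = Encoding.UTF8.GetBytes("demo-only-key-0123456789abcdef!!");
        // Constructed log line.
        string line = "2018-05-25 10:00:01 Login failed for SomePerson@SomeDomain.com from 10.0.0.5";
        Console.WriteLine(EmailPseudonymizer.ScrubLine(line, key));
    }
}
```

The same address always yields the same pseudonym under one key, so log entries remain correlatable; the key must never be written to the logs or shared along with them.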

