保存在数据库中的没有秘密的用户帐户激活电子邮件是否相当安全?
我想创建一个时事通讯应用程序,用户自然必须确认他们注册了时事通讯,这样如果某些机器人输入了地址,我们就不会向他们发送垃圾邮件。
我的想法是简单地向用户发送一封电子邮件,其中包含一个链接,该链接在 url 中包含一个秘密,该链接是电子邮件地址的哈希值和一些秘密站点密钥。
我的问题如下: 有人可以通过注册几个帐户并因此接收其地址的秘密哈希值来猜测站点密钥,从而注册她想要的每个电子邮件地址吗?
我看不出这样做能带来什么好处,但如果这很容易,很可能有人会这样做,而我会被列入黑名单。
我不存储未激活的用户帐户的原因很简单,我不想每 x 天从数据库中清除它们。
I want to create a newsletter app and users will naturally have to confirm that they signed up for the newsletter so we don't spam them if some bot entered addresses.
My idea was to simply send the user an email that contains a link that has a secret in the url, which is a hash of the email address and some secret sitekey.
My questions is the following:
Can someone by registering a few accounts and thus receiving the hash of the secret with his address, guess the sitekey and thus register every email address she wants?
I don't see anything that could be gained from doing that, but if it is very easy, chances are someone will do it and I get blacklisted.
My reason for not storing a non activated user account are simply that I don't want to purge them from the DB every x days.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您确保使用 sha1 之类的内容和完全随机的 salt/sitekey,那么它将是尝试使用字典攻击对站点密钥进行逆向工程是徒劳的。
如果有人确实想要合成自己的哈希值来注册任意地址,那么更有效地利用他们的时间就是访问您的服务器来读取源代码:)
If you ensure you use something like sha1 with a completely random salt/sitekey, then it would be futile to attempt to reverse engineer the sitekey with a dictionary attack.
If someone did want to synthesise their own hashes to register arbitrary addresses, a more effective use of their time would be to gain access to your server to read the source code :)
我认为最好生成一个随机秘密并将其保存在数据库中。 这样一来,就没有什么可以猜测的了。 (至少没有任何授予添加任何电子邮件权限的内容)。
I think it would be best to generate a random secret and keep it in the db. That way there is nothing that can be guessed. (At least not nothing that grants permission to add any email).