E-Mail Hashing - Privacy Improvment
NilsBaumgartner1994 opened this issue · comments
Describe the Improvement
As users can register via different auth providers as for example Google, their external identifier is their email adress. This works totally fine, but considering privacy policies it would be nice to have an option of a hook to hash the email, adress into a string.
Can you elaborate on how this would work? After the email has been hashed it can no longer be used to send mails to that user like, notifications or password resets 🤔
These are 2 features currently.
There is a need for the separation of: email address and external identifier.
if you want pseudonym users you would leave out the email adress, users can’t reset password but for SSO logins not necessarily and it would be more privacy policy friendly.
By default the email would be saved