fusionauth-issues icon indicating copy to clipboard operation
fusionauth-issues copied to clipboard
verified publisher icon FusionAuth

Gravatar URLs are md5 instead of sha256

Open theogravity opened this issue 1 year ago • 1 comments

Gravatar recommends sha256 instead of md5

It seems the rationale is that it's possible to reverse-engineer the e-mail address from the md5 hash.

https://github.com/Automattic/wp-calypso/issues/87886

Description

I think FA is using md5 instead of sha256.

At some point, gravatar started recommending sha256, as their docs say to use it:

https://docs.gravatar.com/api/avatars/hash/

theogravity avatar Sep 04 '24 22:09 theogravity

Thanks for the enhancement suggestion, @theogravity ! We have a backlog of work, but when we review the admin UI, we'll see if we can get this work fitted in.

mooreds avatar Sep 23 '24 22:09 mooreds