I am using migadu [1] and am very satisfied, unlimited domains/users for free or $4 if you want to mail without advertisement below the mails you send. [1] https://www.migadu.com/en/index.html
I use pass: https://www.passwordstore.org/ - a password manager for the commandline that can be synced with git and stores the passwords encrypted using gpg
Thanks, that looks awesome!
can you recommend one in particular?
no, but you single out a huge amount of people by selecting a name that sounds bad in those languages ;)
You are right, in this case he can use a salt for the hash - my second point is still valid though, but I guess that is fundamentally so if you want to use passwords
Informations we store [...] Hashed value of your email okay, so you can easily make a rainbow-table and thus your users are not anonymous anymore + if someone has your database and want to know if email@email.com has an…
Okay and how do you choose the key for the encryption? If it is the same for all users (which from what you said it kind of has to be?) you could just decrypt it?
and what are you doing with the random text per user (i.e. the encrypted emails)? Why do you need them? If they are encrypted by the user, how can you verify their email then? This does not add up.
I am using migadu [1] and am very satisfied, unlimited domains/users for free or $4 if you want to mail without advertisement below the mails you send. [1] https://www.migadu.com/en/index.html
I use pass: https://www.passwordstore.org/ - a password manager for the commandline that can be synced with git and stores the passwords encrypted using gpg
Thanks, that looks awesome!
can you recommend one in particular?
no, but you single out a huge amount of people by selecting a name that sounds bad in those languages ;)
You are right, in this case he can use a salt for the hash - my second point is still valid though, but I guess that is fundamentally so if you want to use passwords
Informations we store [...] Hashed value of your email okay, so you can easily make a rainbow-table and thus your users are not anonymous anymore + if someone has your database and want to know if email@email.com has an…
Okay and how do you choose the key for the encryption? If it is the same for all users (which from what you said it kind of has to be?) you could just decrypt it?
and what are you doing with the random text per user (i.e. the encrypted emails)? Why do you need them? If they are encrypted by the user, how can you verify their email then? This does not add up.