[wp-trac] [WordPress Trac] #53402: Uniform Hashed User Naming Schema for Cross-Domain Interoperability and Transparency in Aggregate Data

WordPress Trac noreply at wordpress.org
Tue Jun 22 07:07:29 UTC 2021 

#53402: Uniform Hashed User Naming Schema for Cross-Domain Interoperability and
Transparency in Aggregate Data
-------------------------------------------------+-----------------------
 Reporter:  411c3                                |       Owner:  (none)
     Type:  feature request                      |      Status:  reopened
 Priority:  normal                               |   Milestone:
Component:  Privacy                              |     Version:  trunk
 Severity:  normal                               |  Resolution:
 Keywords:  needs-design-feedback needs-testing  |     Focuses:  privacy
-------------------------------------------------+-----------------------
Changes (by 411c3):

 * status:  closed => reopened
 * resolution:  maybelater =>


Comment:

 Replying to [comment:3 johnbillion]:
 > @411c3 It's not clear what is being proposed here or what problem it
 solves. This sounds like something at the initial idea stage which needs a
 lot more work before it can be considered for inclusion in other software.
 As an example, what happens when the user forgets or changes their pass
 phrase?
 >
 > It would be a good idea to release this as a plugin first to gauge
 interest.

 Hi John, this solves both identity theft AND more immediately, cyber
 centralization — which WordPress, by design, is a natural response to.
 WordPress gets the job done, except for the inability to seamlessly and
 safely pollinate user identity crossdomain (ie, identifying users from one
 site to another). Gravatar functioned towards solving this issue, but
 poses serious security risks by revealing PII, which have been well-
 documented (and yet it's shockingly still used at every level of business
 and government). The method proposed here is already wrapped into a plugin
 but can be added as an option into core, similar to Gravatar, only much
 safer than Gravatar. The question of forgetting the passphrase evinces a
 misunderstanding of the function of the hashed passphrase, which is
 already widely used in a naming schema in other open source software used
 to sign posts. As incorporated here, into Wordpress, it functions as a
 username or email. If you forget your username and email, then what? And,
 as it stands, usernames already can not be changed. Please reconsider
 opening. It appears this ticket was given a cursory glance without any
 serious consideration. Thanks.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/53402#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list