Why not just assign a random 64-bit number to send with a user ID. Take a 64-bit number, divide it into 5-bit chunks, and use each 5-bit chunk to index in the 32-character alphabet: 23456789ABCDEFGHJKLMNPQRSTUVWXYZ (conveniently omitting 01IO). With a 64-bit number and 5-bit / code (except the last), you get a 13-character pool to use to identify the user. You can overlay it on 2 random characters to get 3 groups of 5 characters each.
Make the id and blank part of the login url. Check the value of the bullet stored with the identifier in the database to make sure they are the same. I think that for most purposes this would be a big enough value to make it extremely difficult to guess - the number is random after all - which slug comes with which user ID. Using a cryptographically strong random number generator, I would have thought it would be unlikely that you would even get repeated numbers for any of your users.
It might look like this:
http:
Using a hash of known values ββcan actually make it easier for someone to guess the correct code than using a random number. Using a hash, you only need to guess which bits you are using and run them through various hashing algorithms. If someone can put them together, say, given several examples and enough time to try different combinations, then all they need to do to crack someoneβs code determines (possibly) well-known attributes for a given person and uses them to personalize them and create an account. With a strong random number assigned to each person, they are left only with brute force.
tvanfosson
source share