On Fri, Apr 14, 2017 at 12:07:19PM +0100, Bernhard Rieder wrote:
I you hash the userhandle, e.g. with SHA-1 or similar (which is even possible in Excel with a small formula), there is no need to keep a correspondence file, because hashing a string will always yield the same hash - while making reversal virtually impossible (i.e. you cannot get the handle from the hash).
If you do this, please add a "salt" string that only you know to the Twitter handle. If you only do SHA1, while it is not possible to perform the inverse operation, the correspondence between the hashed string and the original handle can be guessed by brute-forcing the conversion of a list of handles. But I you convert the string "twitter_handle_1" + "mysalt" = "twitter_handle_1mysalt", that cannot be done (unless you also publish the "salt"). Cheers, JMM.