Hash to display email

[picture of Niles]

I use an e-mail generator to power the "E-mail address" box in my Contact Information section. This has a few advantages over the most common ways of showing email addresses (either plain text, or written with words like 'AT' and 'DOT', or displayed as an image):

  • The email address is not written in plain text, so it is harder for spammers to algorithmically collect. It is—in principle—cryptographically secure; as secure as the hash function you use, anyway.
  • Upon receiving correct input, it displays an email link which can be clicked or copy-and-pasted.

The basic functionality of the e-mail generator is like a password or captcha: you type the right password and the script returns the e-mail address. But this has to work without encoding the e-mail address or the password in the html or javascript. So the script just provides a function which takes words as inputs and gives e-mail addresses as outputs. If you type the right word, you'll get the right e-mail address, and if you type the wrong word, you could get the wrong e-mail address. But, there's a failsafe built in!

The script computes the md5 hash of the input (two hashes, actually), and compares this with a value stored in the script. The md5 hash is a function which takes arbitrary strings of words as inputs, and returns a 32-digit hexadecimal number that has no apparent relationship to the input. This way, even though the script doesn't know the password, it can tell when the input is right! If it is, then the script returns the corresponding e-mail address. If not, then you get a little error message.

Note: it is true that md5 is "broken" from a cryptographic standpoint. As reverse lookup becomes easier and easier, perhaps I'll have to switch to another hash function.

Instructions

Interested in setting up something like this for yourself? Read on! These instructions do require some familiarity with javascript and html source. You'll need to know how to modify them to suit your particular situation, and how to include them on your webpage. They should be usable if you've written at least one Hello World! function in javascript.

  1. Save the file md5.js. This is a javascript implementation of the md5 algorithm, written by Paul Johnston.
  2. Save the file email-display-functions.js
  3. Put the html code on your webpage. (Copy it from the demo below.)
  4. Include the two .js files in your html header.
  5. At this point, you should have a working version of the demo shown below—test it.
  6. Modify email-display-functions.js so that it returns your email address (3 steps described at the beginning of the file).
  7. Modify the html code as you please.

A demo

This box is a working demo. It will return a demo email address if given the input string 'hashtest'.

Fill in the correct input to reveal an email address.

 

For more information, see the
contact page.

Hash test

This box just shows the hash value of its input. You can use it to get the value of 'myHash' for your input string.

 

show background grid hide background grid grid OFF

Creative Commons License

The pages of nilesjohnson.net are licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.