User fingerprint hash should be different by default on separate websites #6824
Labels
c: Privacy
For issues that impact or improve the privacy.
Task
Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Milestone
The goal of this issue is to increase the Privacy-by-default in Piwik, by ensuring that Piwik will generate, for the same user across multiple websites, a different fingerprint hash
config_id
. Currently Piwik will generate the same fingerprint hash for a same user, across multiple websites.To prevent Piwik admins from easily finding out all actions by a same user, we will introduce a seed in the fingerprint hash algorithm that will make it unique across several websites. Discovered this while working on #5907 - see also #5276 and #6160
Follows up #6082 and #6079
The text was updated successfully, but these errors were encountered: