TiDB Cloud will automatically generate an account based on the registered email address. Shouldn't the email information be anonymized?

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: TiDB Cloud 会自动生成一个以注册邮箱结果的账号,邮箱信息不应该脱敏么

| username: liups

To improve efficiency, please provide the following information. A clear problem description will help resolve the issue faster:

[Problem Encountered] TiDB Cloud automatically generates an account based on the registered email address.
[Reproduction Path] select user, host, authentication_string, plugin from user;
[Problem Phenomenon and Impact]
Shouldn’t the email information be masked?

| username: tidb菜鸟一只 | Original post link

Regular users probably can’t query this table, right?

| username: zhangyangyu | Original post link

This SQL user is a mapping of the TiDB Cloud account on the database side. All access to the database on the Cloud by the user is executed through this mapped database account. Generally speaking, an email belongs to user data, and this data is only visible to the user themselves. Data masking is one of the effective means to protect user data from unauthorized access. In this scenario, the command “select user, host, authentication_string, plugin from user” is initiated by the user and is only visible to the user. Therefore, please rest assured that the data is safe in this scenario. It is also recommended to ensure account security and not to authorize others casually.

| username: liups | Original post link

I created a TiDB database with a new account that has an extremely long email address, and I found that this account is no longer an email. From my observation, it doesn’t seem to be truncated but rather an automatically generated string. Shouldn’t all accounts automatically generate one instead of including the user’s email information?

| username: zhangyangyu | Original post link

Each user and APIKey in all projects will have a corresponding account. This account is generated according to certain rules, and TiDB’s username has a length limit. Therefore, for overly long email addresses, only a part of it will be reflected.

| username: liups | Original post link

I understand the rules and usage, but why not just generate an account unrelated to the email account according to the rules using a super long email?

| username: liups | Original post link

Who is so bored to mark this question as resolved? It’s happened twice already. Shouldn’t it be me who asked the question to mark whether the issue is resolved or not?

| username: Billmay表妹 | Original post link

You can join this group and post the link to your information and questions in the group.

| username: Billmay表妹 | Original post link

It seems like a very common practice. There are many tech websites where I can log in using my GitHub account. After logging in, it will automatically create an account for me using my GitHub account email.