![[H]ardOCP](/images/blank.gif){kind=small}
Facebook’s New Plan for Encrypted User IDs
Facebook has announced a new plan for user IDs. The company plans to put all the user IDs into a huge bingo ball machine and continuously rotate them so that hackers can’t get their hand on your unique UID. At least I think that is what they said.
In short, this new proposal embeds the UID in a HTTP POST body ensuring that it will not be exposed in any HTTP Referrer header whatsoever (encrypted or otherwise). We do this by creating a
element targeted at the application Canvas URL. This change will require minimal effort for developers and addresses the feedback that we have received to date. You can learn more about this change on the POST for Canvas page.