What's the point in hashing phone numbers?

ProtonMail may request your phone number to perform a human check:

  • ProtonMail detects that you're attempting to create several accounts.
  • It requests a phone number from you, to send you a token via SMS.
  • You must send that token to ProtonMail to prove you're the phone number owner.

Then, ProtonMail doesn't need your phone number anymore, but it still needs to use it to prevent spammers from creating multiple accounts.

Hashing the phone number allows it to not store the original number and to prevent someone from using the same number twice.

From their FAQ:

However, using the same phone number will result in obtaining the same cryptographic hash, so by comparing hashes, we can detect re-use of phone number or email addresses for human verification.

Thus ProtonMail doesn't seem to use unique salts.

We also know thanks to a tweet from Bart Butler (ProtonMail CTO) that:

  • ProtonMail regularly flushes stored hashes.
  • Stored hashes aren't linked to any account.

Bart Butler also tweeted:

We use a slow password hash (with a salt) and flush the list and rotate the salt at irregular intervals.

In conclusion: brute-forcing them is possible, but it's neither practical nor useful.
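The scheme the FAQ and the tweets describe, as an added illustration that is not ProtonMail's code: one secret salt shared by all entries (so equal numbers produce equal hashes and re-use is detectable), a slow password hash, and a flush that also rotates the salt. The hash function, iteration count, salt length and phone-number normalisation are assumptions made for the example.

```python
import hashlib
import os
import re

# Assumed cost parameter; the real value is not on the page.
PBKDF2_ITERATIONS = 50_000


def normalize_phone(number: str) -> str:
    """Keep only digits so '+1 (555) 010-0042' and '15550100042' hash identically."""
    digits = re.sub(r"\D", "", number)
    if not digits:
        raise ValueError("no digits in phone number")
    return digits


class ReuseDetector:
    """Stores only salted, slow hashes of verified phone numbers.

    A single salt is shared by every entry: a per-entry random salt would
    make the same number hash differently each time and defeat re-use
    detection. The salt is therefore kept secret and replaced on every flush.
    """

    def __init__(self) -> None:
        self._salt = os.urandom(16)
        self._seen: set[bytes] = set()

    def _digest(self, number: str) -> bytes:
        # Slow hash: each lookup costs PBKDF2_ITERATIONS, which also raises the
        # per-guess cost for anyone who obtains the list without the salt.
        return hashlib.pbkdf2_hmac(
            "sha256", normalize_phone(number).encode(), self._salt, PBKDF2_ITERATIONS
        )

    def check_and_record(self, number: str) -> bool:
        """Return True and record the number if unseen; False if already used."""
        h = self._digest(number)
        if h in self._seen:
            return False
        self._seen.add(h)
        return True

    def flush_and_rotate(self) -> None:
        """Forget every stored hash and pick a fresh salt, as the tweet describes."""
        self._seen.clear()
        self._salt = os.urandom(16)
```

Because no account reference is stored next to the hash, the list answers only "was this number already used since the last flush", not "which account used it".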


The hash is useful as an indirect map, even if it's not as secure as a typical hashing setup. One of the biggest benefits is purely social. Hashing (even a weak hash) draws a clear line in the sand for an employee about what is acceptable to view. Putting up any barriers to viewing the real phone number will help keep honest people honest.

it should be quite easy to recover a phone number from its hash

Easy is a relative term. True, this hashing setup may not help much against a determined attacker who is willing to perform hash cracking. But you also have to think of the 99% of other employees with access to the data who don't even know what a hash really is, let alone how to crack them.


The point is to not store them in plaintext.

That is probably pretty much it. As D.W. pointed out in his comments, Benoit's answer tells you their reason for storing phone numbers and that they hash them. ProtonMail does not tell you why they hash them. We all can only speculate about this, until an employee of ProtonMail tells us the exact reason.

The most probable reason is (in my opinion) the following:

ProtonMail is a company whose whole business model is founded on secure products and protecting a customer's privacy. If they told you that they saved phone numbers in plaintext, that would be pretty weird. Hashing them makes much more sense in that regard, don't you think?
On the other hand, ProtonMail doesn't link phone number hashes to user profiles, they flush the hashes regularly and as you stated yourself, there's not much to gain from a phone number.

Hashing phone numbers if they have to store them is better than not hashing them. That's why they do it.
Does it strengthen security much? No.
Is it better than storing them in plaintext? Yes.