“An Identicon is a visual representation of a hash value, usually of an IP address, that serves to identify a user of a computer system as a form of avatar while protecting the users’ privacy. The original Identicon was a 9-block graphic, and the representation has been extended to other graphic forms by third parties.” — Wikipedia
The Identicon was invented by Don Park in 2007. His idea was to produce a visual representation of data on the web normally seen as strings or numbers.
You see them on websites like GitHub, Stack Exchange and many sites that have a comment section. Since the brain can sort through images quicker than strings of text, they are provided as default avatars to easily distinguish between two or more “Markus Driscoll’s” posting in the same thread if they haven’t provided their own photo.
Identicon generators take some form of user data and run it through a hash function, often MD5. Then the return values can be converted into colors and matrix references in order to render different bitmapped images. This hashing of information is good for generating images and can be used as a checksum to verify data integrity, but does not completely obfuscate the information.
For example, if you run the string “cat” through MD5, the return value is an array of 16 digits with a range of 0–255:
arr:(16) [208, 119, 242, 68, 222, 248, 167, 14, 94, 167, 88, 189, 131, 82, 252, 216]And if you run the string “Cat” your return is:
arr: (16) [250, 62, 189, 103, 66, 195, 96, 178, 217, 101, 43, 127, 120, 217, 189, 125]The MD5 algorithm is a widely used hash function in the creation Identicons. Since the simple introduction of a capitalized letter, period or space in a string will significantly change the return values, it is great for creating a unique avatar. However, the 128-bit hash algorithm, designed to be used for encryption, was first published in 1992 and suffers from many vulnerabilities. It can easily be cracked within seconds by an average computer.
The information used to produce an Identicon maybe your IP address, email, or user id. So how safe is that information? Probably pretty safe. Most websites now add additional data to your input in order to salt the hash or use a third-party service that generate images with better algorithms and allow you to carry your Identicon to other sites that use their services.
If you want to change the look of your Identicon you can try “changing” your email address. For example, Gmail ignores “. ”characters in the username. So you could be “user@gmail.com” or “u.s.e.r@gmail.com” and Gmail treats it the same way.
Or you could just set your own image with an actual photo.
Either way, using a distinct image to identify your posts is useful for you and those wanting to follow or respond to your posts. And it’s convenient that Don Park gave us this tool that seamlessly generates this special, easily identifiable image for us.
