Redaction Strategies
Redaction Strategies
Strategies receive a detected value and detector name. Detectors decide what the sensitive span is; strategies decide what replaces it.
mask
hash
tokenise
drop
Pii::redact($text);
// [REDACTED]
$strategy = app(\Padosoft\PiiRedactor\Strategies\RedactionStrategyFactory::class)->make('hash');
Pii::redact($text, $strategy);
// [hash:...]
$strategy = app(\Padosoft\PiiRedactor\Strategies\RedactionStrategyFactory::class)->make('tokenise');
Pii::redact($text, $strategy);
// [tok:email:...]
$strategy = app(\Padosoft\PiiRedactor\Strategies\RedactionStrategyFactory::class)->make('drop');
Pii::redact($text, $strategy);
// sensitive span removed
Strategy choice
| Strategy | Use when | Risk |
|---|---|---|
mask |
Human-facing logs and support views | Loses joinability |
hash |
Pseudonymous joins across records | Salt rotation breaks joins |
tokenise |
Forensic recovery is required | Token store becomes sensitive infrastructure |
drop |
Downstream cannot receive placeholders | Text may become harder to read |
The birthday-bound intuition for truncated identifiers is approximately:
where n is the number of unique values and m is the hash namespace size.
Last updated:
Edit this page
Recent commits
![imgbot[bot]](https://www.gravatar.com/avatar/b38ad64a04883c5ecd227c085460702d?d=mp&s=64)