When a messaging system generates connection recommendations for a new user, who first registers with the messaging system, the signals available for generation of recommendations may be limited to the user's contact book matches. Using just this limited signal poses a concern associated with leaking information about users represented by the recommendations. The technical problem of generating connection recommendations for a user at registration time in a privacy-safe manner is addressed by a recommendation methodology that obscures the connection source and the connection distance of the recommended profiles.