this post was submitted on 04 May 2024
27 points (100.0% liked)
Privacy
31935 readers
749 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I do this for every website, not just financials. As long as you have a quick and easy way to create the email aliases and you’re using a password manager I think it can be an easy and effective boost to security.
Although I agree with you, I don't think that's what OP was asking about based on this part:
It seems they are asking if an separate email account for each service would be beneficial. My opinion is it would limit the attack if an email account was hacked, but definitely not worth the hassle. Email aliasing (like the comment above me says) gives you some of the benefits without needing to juggle multiple accounts.
I might actually recommend it for anything except financials. Financials are very important to have access to, and sometimes your email address is the only way to access your account.
~~I want something very stable as my email address for such cases, because I don't want to risk my email alias provider shutting down, or my self hosted setup to randomly die. Or even some weird "security measure" where the bank decides that any unknown domain is no longer ok.~~
In such cases, I want my email address to be reliable. Email alias providers shut down from time to time, and I don't trust my skills to set up a reliable self hosted option. If my setup breaks after an upgrade, I might be out of luck till I can change my email with the banks.
Banks also have their own policies, and sometimes they make questionable decisions in the name of "security". Companies already block certain alias domains, and there are stories out there of people being locked out of their online accounts after a domain was blocked. Banks are meant to be trustworthy so they may take an even harder stance on it. They may decide to restrict the common alias domains (ex. citing that spammers use them), or even restrict personal accounts to the big email providers (ex. Gmail).
For example, some bank apps don't work on phones with a custom OS (grapheneOS). Singapore went even further with:
Ultimately it's a lot of risk for a very small reward. If you use a different password for everything (you should), then someone knowing your email still won't be able to do much. The bank itself would have way more information about you, so it's not like you're protecting yourself from the bank with a custom email.
You've used some phrasing that I am not really following. What exactly do you mean by "stable" in regards to an email address? And what is an "unknown" domain?
Fair enough, I took some time to explain it better above :)
(See edit)