Many people do not consider email addresses as sensitive information and often use a single address to create multiple accounts across many web applications. However, this is not good email hygiene. Email hygiene is often neglected and it’s essential to have a system or strategy to protect sensitive information.
According to a recent podcast episode on Michael Bissell’s Privacy, Security, and Oceans, having a system for email hygiene is crucial. An email address is sensitive information, just like your password, and it’s essential to have a strategy in place to protect it.
Breached credentials are a hazard, and most times, passwords are hashed, not email addresses. Unfortunately, data breaches have become quite common, which paves the way for bad actors to employ spam and phishing attacks. If your email address is public knowledge, bad guys could scout around data dumps, making your email address a window into your digital life.
To avoid this, it’s essential to designate your email addresses. Never use your personal email address for registering to web applications; share it only with friends and family. Have a separate email account for banking and other financial services. Use a unique email address for registering to social media websites and another for shopping and e-commerce. Finally, use a junk email address for purposes like signing up for newsletters, blogs, forums, and other websites.
The idea here is to avoid having a single point of failure. Having just one or two email addresses where most of your accounts are linked would prove to be risky. However, using burner email services like AnonAddy or SimpleLogin can make the task easier. Email providers like ProtonMail and Tutanota give you the option of creating multiple aliases under a single account. These email providers are also end-to-end encrypted services, which is great for privacy.
Exercise caution when it comes to using burner email services. There are chances web applications may block the burner email alias, potentially blocking you out of your account. Use them only for junk services and not for applications you may want to have a long-term relationship with.
At the end of the day, it’s not enough to create a strategy; you need to secure your email accounts. Use unique passwords for every email address created, activate two-factor authentication, and create dedicated recovery email addresses.
Creating recovery email addresses may seem like a stretch, but it’s essential to have two unique email addresses for the sole purpose of recovery. Never use these email addresses elsewhere, make one the recovery option for all your email addresses, including your second recovery email address. Make the second recovery email address the recovery option for your first recovery email address, and create your recovery emails with hard-to-get usernames and activate two-factor authentication.
In conclusion, email hygiene is essential, and having a strategy in place to protect sensitive information is crucial. Designate your email addresses, use burner email services cautiously, secure your email account with unique passwords and two-factor authentication, and create dedicated recovery email addresses with hard-to-get usernames.