HACKER Q&A
📣 strix_varius

Best-practices for email and account hygiene?


I've recently noticed increasing notifications (both via email & 2FA) of attempts to break into various accounts (extant and not). I've enabled 2FA wherever it's available and every password is unique via LastPass, but all the notifications I've been getting have me alarmed. For example:

"We received a request to reset your password on BestBuy.com. However, we don't have an account associated with this email address..."

This, combined with the uptick of spam getting through gmail's filters, has me considering the daunting task of migrating all of my accounts from me@myname.com to... something else.

I'm curious about the experiences & lessons learned from others here who may have gone through something similar. My current plan is to migrate to accounts+bestbuy@myname.com, accounts+amazon@myname.com, etc, and to isolate human-to-human correspondence at somethingelse@myname.com. But I'm open to alternative strategies.

  👤 blitzar Accepted Answer ✓
Consider - https://simplelogin.io/ (anonaddy.com is similar) I use it with a custom domain, which in turn is a subdomain of my regular custom domain. i.e. @myname.com is on my main mail service - simplelogin used the @mail.myname.com.

I dont use these services for their 'anonymous' addresses, but for managing using multiple unique addresses. Others have mentioned the apple equivalent.

Unique email address per thing in much the same way as you have unique passwords. Emails forward on to my main address.

👤 lambda_lord
I love using iCloud's Hide My Email feature to create a unique email for every signup form or random person you contact. You can also use a Custom Email Domain with iCloud so I can imagine this feature might be usable outside the Apple ecosystem.

Overall I find this system very easy to use. If you are outside the Apple system you can use the web interface for managing your email addresses, but it's missing some small features: for example, you can't see when's the last time an email address has been used.

👤 pid-1
I use Fastmail + 1Password integration

1PW creates an unique email for each one of my accounts.

That said any email provider that allows you to use your own domain will likely support aliases, which also should do the job.