As a professional system administrator, I have the highest level of access possible. Because I have this level of access, someone could try to hack me or might threaten me to get some information I have access to.
I don’t want to discuss my threat model, but I will give you some tips to get better privacy and security online. There are many ways to do this; I’m not saying I have the best one, but I will share how I do it.
Discussing Email Strategy
Whether we like it or not, email is still an important method of communication today. If someone could access your email, they could probably get a lot of private information. A significant risk is the way your email is linked to your other online accounts.
For example, you can enter your email address into sites like Have I Been Pwned to see if a site you had an account with has been breached.
If your email is on the list, you had an account associated with that email on a site that was hacked. Your email and password are part of a list of accounts publicly available on the internet.
If you use this same email address for other accounts you have, people have probably tried to access your other accounts with the password from the hacked website.
For this reason, I use several email addresses as well as a different password for each of my accounts.
Here is a summary of the email strategy suggestions:
- Use an (anonymous) email address for each of your accounts.
- Use a different password for each of your accounts.
- Use multi-factor authentication on all sites that support it.
These suggestions may seem impossible, but here’s how:
- Acquire a domain name that is not associated with you (e.g. eg01.net).
- Associate this domain name with a secure e-mail service (e.g. Protonmail or Tutanota).
- Use a unique email address for each of your online accounts (e.g. email@example.com, firstname.lastname@example.org). You can do this by defining aliases that will be associated with a primary email address, where you can define a “catch-all” email address.
- Use a different secure password (20+ characters) for each account. Store all of your passwords in a password manager; this way you won’t have to remember or type them in every time you need them.
- Use multi-factor authentication on all sites that support it. Avoid using SMS as a two-factor authentication method.
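One way to put the alias and password steps above into practice, as an added example that is not part of the original post. It assumes a catch-all mailbox on the example domain eg01.net and a secret key kept in your password manager; the function names, the alias format and the demo key are hypothetical choices made for this sketch.

```python
import hashlib
import hmac
import secrets
import string

DOMAIN = "eg01.net"  # example domain from the post; substitute your own
# Constructed demo key. Assumption: in real use, generate one with
# secrets.token_bytes(32) and keep it in your password manager.
DEMO_KEY = b"constructed-demo-key-not-for-real-use"


def make_alias(service: str, key: bytes, domain: str = DOMAIN) -> str:
    """Derive a per-service address on a catch-all domain.

    The keyed tag keeps aliases unguessable: seeing the address given to
    one site does not reveal the address given to another.
    """
    label = "".join(c for c in service.lower() if c.isascii() and c.isalnum())
    if not label:
        raise ValueError("service name has no usable characters")
    tag = hmac.new(key, label.encode(), hashlib.sha256).hexdigest()[:8]
    return f"{label}-{tag}@{domain}"


def issued_to(address: str, key: bytes, domain: str = DOMAIN):
    """Return the service an incoming address was issued to, else None.

    Lets you attribute spam or a breach to one site, and reject catch-all
    mail sent to addresses you never handed out.
    """
    address = address.strip().lower()
    local, _, dom = address.rpartition("@")
    label, _, _tag = local.rpartition("-")
    if dom != domain or not (label.isascii() and label.isalnum()):
        return None
    expected = make_alias(label, key, domain)
    if hmac.compare_digest(expected.encode(), address.encode()):
        return label
    return None


def make_password(length: int = 24) -> str:
    """Random password from a CSPRNG; one per account, stored in the manager."""
    if length < 20:
        raise ValueError("use at least 20 characters")
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))
```

When mail arrives on the catch-all, `issued_to` on the recipient address tells you which account that alias belongs to, so a leaked or sold address points back to a single site.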
Here’s an example of the way you could set up your accounts. It might seem like a lot, but you would actually only have two email services to check. You could really set up everything in a single account and you would have only one place to see all your emails. I’m a curious person and I use multiple email services because I like to test different services.
Here’s a list of the most popular secure email providers:
For disposable accounts, you can use disposable email services such as AnonAddy or 33mail.
Hope this helps. Feel free to comment if you want to discuss your email strategy.