Is this new, or have online accounts never offered the ability to update your email address easily?

  • 520@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    I literally am a security expert and the only thing I change between accounts is my password, which I put in a password manager.

    With that said I do have other usernames/email addresses that I use if I’m doing something that I don’t want attached to my public persona. These can also be stored in the password manager so all is still good.

    But individual email addresses per account is overkill and a management nightmare, with a very minimal security tradeoff. I’m not exactly expecting a state sponsored attack on my email after all.

    • Showroom7561@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      But individual email addresses per account is overkill and a management nightmare

      Since I use a password manager, it’s quite easy to manage, just like different passwords for each account. No difference.

      But having different email addresses also help with reducing spam, so it’s worth it just for that.

      • 520@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        Since I use a password manager, it’s quite easy to manage, just like different passwords for each account. No difference.

        Yeah, but for the actual mail, do you forward the emails to one address? Or do you set up Outlook/Thunderbird to sync all of them? Manually checking all of them would be quite laborious and you might miss the occasional important email if you don’t check regularly.

        • Showroom7561@lemmy.caOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Mail forwarding sucks. I stopped doing this a while ago.

          My email provider handles my main email address (strong password + 2fa enabled), as well as generates temporary emails, and email aliases. Those get funnelled into my email clients, and can be disabled at will, so it’s easy to manage.

          Someone could even use a product like Firefox Relay if they don’t have access to these features already, or want an easier way to do it. As long as the main email is protected, I don’t see any major risks here.

          For newsletters, they go to “kill the newsletter” and I get them in a self-hosted RSS service so they never enter my email stream.

          My password manager also generates random usernames for websites that don’t use email as a login.

          My strategy as of late is to create a disposable, temporary password for a new site that I’m registering to. If I plan to use the account long-term, it gets an alias email (hence, one reason why it’s handy to be able to easily update my email address) or the account is simply deleted. Yes, a little more work, but it saves my sanity in the long run.

          I’ve been going through all my accounts created in the last 20+ years and either closing them (if possible) or changing the email on them (if possible). But I did move away from gmail something like two years ago, and I’m updating any accounts that are still sending email there.

          “Contact customer service” to do this has been messy and frustrating, as it is when I have to contact customer service to close an account.

          The most non-essential sites seem to be the worst offenders; roblox wanted my DRIVER’S LICENCE to close the account. I politely told them to fuck off and delete the account, which they did. LOL