Using Many Email Addresses to Reduce Your Cybersecurity Risk

The days of having one email address are over. We are putting all our eggs in one basket by having one address. If someone hacks that account, we could be in big trouble.

Guessing An Email Address

Guessing an email address can be easy. We can guess an email address by trying any of the following:

  • FirstInitialLastName@gmail.com
  • FirstNameLastName@gmail.com
  • FirstName.LastName@gmail.com

What is the chance you have this email address?

Social Media Accounts

We often post too much information on social media accounts. We post our name, location, recent activity, links, and more. Someone can use this information to deduce information. They can guess an email address, figure out security questions, or even take it over. We are making it easier for someone to guess our email address.

Taking Advantage of Email Tags

We can be in big trouble if our important accounts use the guessable address. We can reduce this exposure by using email tags. We can sign up to a bank website with the email . Many email providers and online accounts support this capability.

Taking Advantage of Many Addresses

Services like Gmail make having many addresses cost-effective. We can have a different email address for a different purpose.

  • FirstName.LastName@gmail.com for emailing friends and family.
  • FirstName.LastName.DesiredJobTitle@gmail.com for job hunting and resumes.
  • FunPseudoNameOrHandle@gmail.com for non-important accounts.
  • SeriousPseudoNameOrHandle@gmail.com for important accounts.
  • AnotherSeriousPseudoNameOrHandle@gmail.com for your password manager.

Make sure you use a "PseudoNameOrHandle" that someone cannot guess.

You may also use email tags to make it more difficult to guess the email address. For example, using a convention per account.

Has Your Email Address Been Leaked?

You should check whether your email address has been leaked. You can use Have I Been Pwned to check all your email addresses. Create a new email address and start moving your accounts to that email address if you have been Pwned.

Conclusion

Using different email addresses as a cybersecurity strategy can reduce our risk. But make sure to follow good security hygiene. Use a strong, unique password for each account. Enable two-factor/multi-factor authentication. Update your passwords regularly. Also, check all those email accounts to avoid missing important messages.

Before You Go

Join my mailing list to receive updates about my writing.

Visit miguelacallesmba.com/subscribe and sign up.

Stay secure,
Miguel

About the Author

Miguel is a Principal Security Engineer and is the author of the " Serverless Security " book. He has worked on multiple serverless projects as a developer and security engineer, contributed to open-source serverless projects, and worked on large military systems in various engineering roles.


Originally published on Secjuice.com

Photo by Przemyslaw Kruk on Behance

No Comments Yet