I honest to fucking God don’t understand how cybersec is so fucking bad that there are so many damn data breaches that I lost count. I had a few accounts on chatgpt (that I dont use anymore) but they are all compromised now…
Just what the fuck is this shit? Are they done by lone actors or cybercrime gang? Or are they state actors or state-backed actors? Or are they inside jobs to allow the company to sell data illegally to make more money? Flock has admitted to using data from data breaches to their system.
You also notice how rarely you hear about cybercriminals getting caught? It’s almost like if you take even a minor bit of opsec you can get away with anything.
Never use emails addresses tied to secure services such as banking or shopping or gov services for any other purpose.
Create email addresses through various services for various purposes.
Banking, google services like YouTube, social media, personal - friends and family, and of course an account for porn.
Don’t use your real name or any actually useful when creating an email addreas
Use email relays or anon email that creates random addresses and forwards to your email.
Use proton mail and have up to 10 alias accounts at a time.
Use temp email addresses.
Compartmentalize your online accounts and data to minimize exposure and damages.
If I understand correctly this impacted users doing API stuff so as a general user I’m unaffected, which is a relief. Didn’t have en e-mail, at least.
I like some of these ideas, so that if you are a target of a leak they don’t get everything and easy access to other things. At some point people are going to stop focusing on security for convenience sake. So what’s the cutoff, financial institutions get different emails/usernames/passwords? Government sites? Medical? Etc.
Not gonna happen. I would need at least 50 email accounts to compartmentalize everything I do online. Honestly probably a lot more than that. Maintaining that many accounts becomes a security risk in itself.
If you own a domain you can redirect all to a single inbox, so there is nothing to manage. You register at randomsite? [email protected] it is. Every account gets a unique email address, all emails end up in the same inbox, and there is nothing to do, you have infinite addresses.
And you never share your actual Proton address where it all ends up.
This is exactly what I do but it continuing to be a rarity is it’s best feature I believe. If it were common then hackers would script for detecting the pattern and I’m not sure it’d be any less vulnerable.
That’s exactly what I have been doing. I still have my Gmail account… but only for government and commercial shit. Anything else has an alternate or even temporary email.
Including lemmy accounts.