Does this setup make sense? Leave any questions below and if you own your own email domain, it's essential that you create DMARC protection. See how EasyDMARC can help and get 10% off their plans using promo code ATSPROMO here: www.easydmarc.com
@@Criticalmaze if all your aliases forward to the same email address you'll still get flooded with spam, and won't be able to differentiate a phishing attack from a genuine back event.
So, you're telling your audience (and you freely admit) to stealing from businesses like the car show you mentioned. The deal is that that show was giving you access and free stuff in exchange for your contact information. However, you chose to lie. That sounds like theft or fraud at least in moral terms, if not prosecutable terms.
@@esc952 considering "business as usual" these days is to set up a spam filter I would hardly call it stealing, more like a change without a difference
I had a method of doing that 40 years ago. I used a different middle initial for everything. That's how I learned that even the DMV sells your contact info, the drugstore, magazines, car dealerships... My doctor is innocent.
@@pinkmillk I first used a unique initial for Popular science in 1978. And hand-shredded anything headed to the garbage with my personal info on it until I bought my first shredder about 20 years later. I think I'm (a) weird, and (b) ahead of the game.
@@likebot. Yes, I did this way back in the 1960s and it worked a treat. Just looking at my address and noticing the initial told me who was to blame and then I could "divorce" them. LOL :)
Great instructional video. I recall someone telling me that in cases in which they don't want to give out their normal email (thereby ending up with a lot of unrequested email) they use the normal account address they have, but they add a character(s) to the same email account, but it comes in with that character, not affecting the established email account. If I recall, a punctuation is used after the character. This way, they can scan for the added character and dispose of the email as needed and the sender doesn't have his true email address.
I wish I had a live person like you sitting next to me at my desk helping me along. I need to set up a new email address for my bank accounts but have no Idea what I'm doing!
I appreciate this advice, and I like this video, but I also have to agree with the people here who feel like this is all way too much, mentally. I was talking with a friend last year about this topic, and he was gung-ho on creating and managing a whole slew of online identities. Basically like multiple personalities plus a whole accounting system full of aliases. Yes, I have one or two pseudonymous email accounts, but I not a whole lot, and frankly I find it too exhausting to bother using them very much. I will literally rather live the life of a near-hermit and just plain not receive the newsletters, not participate in the interactions, not make the new friends, not buy from the new additional businesses, and so on. This is why we can't have nice things.
As a person that heavy into encrypted emails, and privacy - I have been using temp emails from various sites, and recently thought about using aliases. I didnt think it would help with spam and i have a huge problem with that. Thanks for the knowledge.
@All Things Secured so far its been working good. Got a simple login and found a couple other sites which are just free like zoho and forward email. Only trouble im having with simple login is the pgp encryption messages arent decrypting...not sure why or what it could be on my part but trying out all my options. Thank you for the deeper understanding, I kept making many custom emails and never learned about aliases for emails till now. Gamechanger for sure!
...this is how we live our lives now.... trying to mask our identities ... anonymity ... burner phones... dodging spam advertising ..... VPN's.... 1065 passwords for 12 email addresses saved in a cloud that we pay for with anonymous/burner credit cards ..... i'm 57yo now... good luck to you all 😒
Agreed, the phone number is problematic. I recently tried to work around it with a sign-up and all of the sites which provided promised active phone numbers that would reply to an SMS query used VOIP numbers which can be identified and rejected by the service that demands the phone number. So far, the only thing that seems to work is to get a burner phone and that is too costly for my purposes. Yeah, you can get a Google Voice number but then you have to give your real number to Google and that's no good.
Thanks for another great presentation. I am definitely interested in redirecting junk and spam mail somewhere else as well as separating out my billing and shopping e-mails. Being able to add a false address and phone # are particularly intriguing to combat potential hackers and telemarketers. Since so many places use confirmation e-mails, I didn't know this was even an option.
After watching two of your email security videos, I'm very much intrigued. Subscribed and looking forward to learning how to improve my privacy and security.
I like Protonmail too, but when you mentioned it's security benefits for your financial email and being end-to-end encrypted... I thought that's only if the receiving party is using it as well. Your financial institutions are probably not using Protonmail, therefore it isn't end-to-end encrypted, right?
That is correct. I should have been more clear. The benefit is not the E2E encryption here. It's the fact that you're not using the same email address for your financial institutions that you are for every other account on the internet. So when a data breach occurs and your other emails are compromised, the login credentials for your sensitive financial accounts isn't on the dark web.
@@AllThingsSecured thanks for the clarification. I think it’s also a benefit to not have google (or yahoo, etc.) skimming through our email for marketing or any other purpose. I enjoy your content and appreciate your efforts. Cheers
@@waxjock Many apps have trackers to find email addresses on one’s computer. Probably the only way is to have a separate computer strictly for sensitive email access only. Anyone have any thoughts on this?
@@AllThingsSecured This was the correct answer that you should have given the other guy too. I suggest editing your video to further clarify that point, which was very misleading.
This was well stated but even so it seems complicated. I have trouble understanding how you keep all this straight and how like your Netflix account how the Alias or Group makes it easier to remember or find.
I love your channel and have taken many of your suggestions and implemented them. I do want to clarify though, Proton end to end encryption only exists from proton email account to proton email account. Emails to / from your bank, lawyer, etc. are not encrypted if they do not use a Proton account. Any non-Proton account to Proton email, or Proton email to any non-Proton account is not encrypted end to end.
I had pretty much all my google account stuff leaked in several diffeent batches. And being exhausted on top of that really sucked. Took me a long time to get started with everything. But now I’m reclaiming or deleting every single account using aliases in all cases where it’s possible and randomised passwords for those kept by proton pass. Some 150 accounts is going to take a good chunk of time to get through. Also doing this for all my closest family with the help of the Proton family plan. Next piece is going to be Yubikey, having a spare in a safe as well as saving backup keys or key phrases for whatever service has it enabled.
This is a pain. But it’s worth it. I’m doing that now. Paid for a domain and a mail service. Now I keep all the stuff separate. I had to abandon 2 emails because of the constant spamming. I love it 😊
@@AllThingsSecured Looking forward to it. I've not looked at all of your vids but I'd be interested in your method of handling the phone number problem.
Hello John, great video and just in time for what I want to do now. I'm curious with this approach which email would you use for regular things like utility bills (and accounts), medical and lab results and things of that nature: communications that are not conversations with friends and family, nor are they business related, neither marketing... thanks! By the way, utility accounts as well as medical accounts will normally get linked to your SSN and mailing address... so....
This is really work but in the end I believe worth it. So question is there anyone that has any of your real email addresses other than family and friends? Do all your banks have aliases including Proton? I must say this is bad we have to do all this but this video is good stuff I’m learning a lot.
I originally started using email forwards about 20 years ago when my wife and I were using the same email address for family messages and it was hard to track whether I had seen an email or not since she could have marked it as read. Then I realized I could create more and use rules to sort them into folders. I can't imagine now doing it any other way.
Interesting approach. I don't really understand what you mean by "inbox" here. Is it a separate mail server, or just a particular folder on your personal account which is filtered by the alias to which an email is sent? The encrypted one seems like it has to be a special account, but all the others can be done with a filter on your email client, no?
With respect to private, encrypted email communications at around 4:30 in the video, Proton mail is of NO VALUE unless BOTH sender and receiver are using it. Your bank, financial institution, etc. are NOT encrypting their email messages to you. So your comment at 4:30 in the video is very, very misleading.
Your videos are extemely well scripted, your mimic and gesture amazingly underlines everything you say, making your videos a very pleasurable experience to watch.
The best communication with your financial institutions, doctors, etc, would be their own servers. Usually, they will send you an unencrypted email saying such a message to you exists, and you'll need to login to see it.
I went a step ahead and created a global filter to create aliases on the fly so I don't have to "create" a new alias. I use a brand new email alias for each website I log in. You need your own domain and hosting to do this.
Hi Josh, great content!!! Loved the idea of aliases. Quick question.. you mentioned you use a dedicated inbox for financial accounts .. do you use aliases for each of your financial accounts or do you use the email address that is linked to the inbox?
Yes, I'm interested in more information about creating an online persona. Particularly with a different phone number because many places will only let you open an account by authenticating your mobile number. My number is now compromised because of it. Now, I'm receiving texts and calls from not only unwanted marketers but scammers as well. In fact, I came to your channel hoping to find that you had already made a video on alternate phone numbers.
The virtual numbers are becoming more difficult. I've had 2 for 7 years. Unfortunately, many sites will reject them now because they're typically assigned as pre-paid or VOIP (voice over IP). They insts you have a real number they can sell (IMO), although I'm sure they'll claim security. It's still worth getting one though - All Thing Secured has a good video on that. I've not had ONE robo since I got by first one, and maybe 3 telemarketing people, in those 7 years. Set it up to require an extension to get through (and don't use 0 or 1) - robocallers aren't setup to handle that (only because it's rare).
While your proton mail inbox is encrypted, they store your private encryption key on their server, which means anyone who hacks their server will have access to that server's keys and associated inboxes. In addition to that, the end to end encryption only occurs between proton mail users, unless you're using the password protected email setting when you send to people who don't use proton mail. Proton mail also logs IP addresses, among other issues, so they're not particularly good.
I believe you need to do a bit more research since you seem to be very misinformed. They use PGP so anyone with your Public PGP key can send you an encrypted email and send it to you, only you with the private key can decrypt the email. Additionally, Look for their block on zero-access-encryption and you will see that what commented is not the case. Your details may be stored on the server, but all the data on their servers are encrypted-at-rest. To access your data you need to have your password. Unless they hack your account specifically, there is not a way to access your. Hope this helps.
Friends and family are the biggest source of spam and unwanted emails. I give each person their own email alias that directs to my personal inbox, this way when I start seeing spam in my inbox I know which person is the cause, delete their alias and give them a different one. Its especially bad when people CC everyone in their contact list with stupid jokes and then all those people have your email address and you start getting spam from them.
Learned so much, and I'm going to follow your lead. I had no idea newsletters could be stored directly into a folder. Now I just need to figure how to do it. Thank You!!
Thanks for the video Josh. I posted a comment around August on one of your videos. It was about the LastPass security breach. And today, I received an email about another breach on LastPass. Not sure if I need to transfer to a different password manager or not, but it has been freaking me out a little. Not sure what it means…
i have had 5 e-mails addresses for years. soon as i started getting spammed i created the others one was for serious ones, work related, friends etc others depending on topics one was "a never use" one just for confirmation details every few months i just bulk delete everything
@@AllThingsSecured YES! Please consider an article or PDF that steps through setting this up with enough detail that I could accomplish it on my own. I have been trying for years to develop a system like yours, but I have not been able to work out the downstream flow as elegantly as you have done. Thank you for such useful content!
Thanks for the great video and tips. Some quick questions.... You said Email newsletters go to your alias in Personal in box, and all other alias groups go to your Pseudonym. Do you do that even for your shopping and streaming? What happens if you have a complaint and need to get a refund? Don't you need to use a real name for that? Genuine question - trying to streamline own processes here
I'm going off your security checklist and this is BS we have so many unscrupulous people out there wishing to do us harm. It's taxing to make all of these changes, but it it worth it in the long run!
Thanks for the ideas! So, when you say "alias", you mean a separate email account, right? I think some email providers allow you to add "aliases" (especially if you are using google workspaces). also, for your proton mail. end-to-end encryption is just between you and proton, right? if I am dealing with a company that is sending me email via google, google will still be able to read it, no?
Started watching your channel two weeks ago and I love it. Great content, not to long per movie, really great! Have a two questions: 1. Does it really matter if it is compromised since the attacker does not know the real e-mail address? 2. What happens if the attacker sends for example big file which is too big - does he gets notification from alias or real e-mail address? Thanks a lot for a help!
"I only give this email address to my family, which means that any email received in that inbox is important to me." Oh, yeah, those crazy conspiracy theories from your dad and those cat video attachments are vital.
This is good tactics, but proper end-to-end encryption doesn't exist, except if you have mail servers within your own company you are sending between. Proton or others does only encrypt within their own systems. not outside, to other providers. For that you need to set up something else of a solution. Although, the email are secured within the mailbox itself. not read, not hashed, not scanned in any way. that is the only thing you really get. The alias grouping is a perfect setup though. I've used aliases for the sake of easy login to streaming accounts etc for years. But i didn't know there was a service for this too. perfect! =)
❓ I am really enjoying your channel and appreciate all the how-to vids I was wondering if you could explain the difference between hide my email vs aliases? I understand both are types of aliases but can you give me an example where one is more useful than the other or how would you pick between the 2 options... Let's say I'm signing up for Pinterest what would you choose... Hide email or an alias I have a proton acct so I can use either but proton isn't clear on the DIFFERENCES
Hey Josh, how's it going? As far as I know the end-to-end encryption in ProtonMail only applies to emails sent and received inside the PM servers (unless you are using PGP or some kind of pre-shared password). That means that when you send an email, for example, to your bank, unless their emails is also being handled by ProtonMail as a Message Transfer Agent (MTA), it is not going to be E2EE. Can you confirm that, or this is not the case anymore? Thanks!
That is correct. As I've said in replies to other comments, I didn't do a good job of explaining that. The value of using a separate E2EE email provider for your banking is not the E2EE, which as you noted does not apply here. The value is in having a login email that isn't publicized anywhere else and therefore is not susceptible to hacks or data leaks from other 3rd parties. Make sense?
@@AllThingsSecured I'm a little confused still. A default email message from Proton is not encrypted when sent to a non-Proton account, but you can encrypt messages to users outside of Proton Mail using a password (which Rafael mentioned). The best part is, the receiving party has the option to send a secure reply back, even if they are not a Proton Mail subscriber. Is that not considered true E2EE? I use Fastmail as well and do not have that feature, which is why I added Proton to my toolkit. Btw, loved the video and have started to implement a similar system. As many others have said, I would be interested in a pseudonym video as well. Glad to see you said you'll try to get to one in 2023!
Started yesturday setting up an alias for every account i own. Now just need a name and number for the UK 😃 could you do a guide on how you can do groups within SimpleLogin? Or a guide on getting fully setup? Ta
Quick question, why not use proton mail aliases rather than simplelogin as they are both proton? 2. Do you use the paid version of simplelogin? if so is it worth it for most ppl?
This is good. but it also sounds like a lot of work plus maintenance (making sure things are setup right, emails flow to the correct place). its not a one time setup, and we have to "rehearse" multiple times on each scenario to remember the steps to make it fully functional as intended. definitely not a layman friendly approach.
@@JuneAtHomePHi don't have the time to do this. my main concern now is to reduce the time to check spam folder. because some times legit emails goes spam, and spam escaped detection and go into inbox. i had to manually check both inbox and every spam folder email. its time consuming. but i think there is a better way than outlook rules to check for email name holders better. i wish i can blanket some unique multiple keywords together so that i can catch all those spam faster. now the rules needs to be very specific, 2 words, 3 words, in sequence. so spammer just have to change a letter or spacing to get past.
Why not have the Persona account do the shopping directly? Aliasing adds one more layer of complexity that has to be managed. Worth it? Also, assume Financial includes Bank, Credit Companies, Social Security, Investments that have to have your true identity. Are PayPal and Venmo then Shopping (Payment method) or Financial?
Josh, quick question. In the email newsletters that you send out, you have your signature at the bottom. Does this pose any security risk having an image of your signature digitally on something like that? I would like to use my signature as well but haven't due to feeling as though it would be a risk to be stolen for some type of forgery. Any advice?
Until Josh replies, Imma guess that: it is not a risk since the signature we see is a digitally generated font, i.e. his real sig on paper looks different.
Nice video - but what about all other payment accounts for shopping, online subscriptions, paying bills of any kind - same approach as encrypted email accounts for banking and investments?
for proton to be end to end i believe the other user needs to have a proton account, so banks and other institutions may not apply. It is good for proton to proton accounts. from what I know
So, what if you had won the car? Surely they would require some form of ID and in the regulations there's probably something about being disqualified for using false information. Of course the chances of winning something are very small, but why enter at all if you wouldn't be able to collect your price if you did win?
Dear Josh! What think about the funtionality of fastmail offering similar possibility? Connecting 1password to fastmail servive, 1password can gerenate "random" email addresses, which connected to the fastmail address. Which solution should I choose (the 1password with fastmail or this SimpleLogin, what I see in this video)?
Yea, I'm familiar with Fastmail and I like the integration with 1Password. It was a bit too expensive for me, though. If you love the integration and don't mind the cost, definitely use Fastmail.
Great examples! How do you share all these aliases and accounts with your wife (sorry, not to put you on the spot but I think about if something happens to me). Or what is the best/easiest/safest way you recommend to do so?
i would love to know how you manage all acounts, an email client app or a software. I also manage multiple email accounts and it is a pain to log in to each and every one to check mail. which has resulted in me missing some mails...Would love to know about your process of handling multiple accounts at once
When you say different email account, do you mean different providers? Google you can only use 1 account with your number so would i need to create a yahoo account, outlook account etc etc to have the 4/5 accounts. I understand using aliases but you still need a main account email to use anonaddy or simplelogin, if so which accounts are best for each account and the recovery accounts
Hi Josh, Does a provider like simplelogin suffer from the same security concerns as a vpn? In the sense that I must trust them not to leak my info in order for my aliases to remain anonymous? Similarly, if they are hacked? Thank you!
I'm not sure I understand the difference between an inbox and an email address. Doesn't every email address have an inbox? And doesn't every inbox have an email address? So, are alias email addresses email accounts with inboxes, that don't store emails in the inbox, but forward them to another account?
Does this setup make sense? Leave any questions below and if you own your own email domain, it's essential that you create DMARC protection. See how EasyDMARC can help and get 10% off their plans using promo code ATSPROMO here: www.easydmarc.com
品牌O999
By the way what is the point of multiple emails if you can have one with multiple alaises
@@Criticalmaze if all your aliases forward to the same email address you'll still get flooded with spam, and won't be able to differentiate a phishing attack from a genuine back event.
So, you're telling your audience (and you freely admit) to stealing from businesses like the car show you mentioned. The deal is that that show was giving you access and free stuff in exchange for your contact information. However, you chose to lie. That sounds like theft or fraud at least in moral terms, if not prosecutable terms.
@@esc952 considering "business as usual" these days is to set up a spam filter I would hardly call it stealing, more like a change without a difference
I like that if you use a different alias for everything, you can really figure out who's breached or leaking info.
I had a method of doing that 40 years ago. I used a different middle initial for everything. That's how I learned that even the DMV sells your contact info, the drugstore, magazines, car dealerships... My doctor is innocent.
Yea, that's another benefit of the "unique alias for every account" approach.
@@likebot. 40 years ago? You were doing this for your paper mail? That's commitment! 👏👏👏
@@pinkmillk I first used a unique initial for Popular science in 1978. And hand-shredded anything headed to the garbage with my personal info on it until I bought my first shredder about 20 years later. I think I'm (a) weird, and (b) ahead of the game.
@@likebot. Yes, I did this way back in the 1960s and it worked a treat. Just looking at my address and noticing the initial told me who was to blame and then I could "divorce" them. LOL :)
Great instructional video. I recall someone telling me that in cases in which they don't want to give out their normal email (thereby ending up with a lot of unrequested email) they use the normal account address they have, but they add a character(s) to the same email account, but it comes in with that character, not affecting the established email account. If I recall, a punctuation is used after the character. This way, they can scan for the added character and dispose of the email as needed and the sender doesn't have his true email address.
I wish I had a live person like you sitting next to me at my desk helping me along. I need to set up a new email address for my bank accounts but have no Idea what I'm doing!
I appreciate this advice, and I like this video, but I also have to agree with the people here who feel like this is all way too much, mentally. I was talking with a friend last year about this topic, and he was gung-ho on creating and managing a whole slew of online identities. Basically like multiple personalities plus a whole accounting system full of aliases. Yes, I have one or two pseudonymous email accounts, but I not a whole lot, and frankly I find it too exhausting to bother using them very much. I will literally rather live the life of a near-hermit and just plain not receive the newsletters, not participate in the interactions, not make the new friends, not buy from the new additional businesses, and so on. This is why we can't have nice things.
As a person that heavy into encrypted emails, and privacy - I have been using temp emails from various sites, and recently thought about using aliases. I didnt think it would help with spam and i have a huge problem with that. Thanks for the knowledge.
I hope it works out for you.
@All Things Secured so far its been working good. Got a simple login and found a couple other sites which are just free like zoho and forward email. Only trouble im having with simple login is the pgp encryption messages arent decrypting...not sure why or what it could be on my part but trying out all my options. Thank you for the deeper understanding, I kept making many custom emails and never learned about aliases for emails till now. Gamechanger for sure!
...this is how we live our lives now.... trying to mask our identities ... anonymity ... burner phones... dodging spam advertising ..... VPN's.... 1065 passwords for 12 email addresses saved in a cloud that we pay for with anonymous/burner credit cards ..... i'm 57yo now... good luck to you all 😒
Well internet is like a second earth so its not a big deal i think🤷♂️ and being 57yo doesn't mean you have to be open to the world
Exactly. This is too much.
@@user-fb2cb6xp7c He might mean that being 57yr old he has less time to tackle fighting scammers and harassers compared to us younger ones. 😊
@@Isabella-wo9bg having your bank account and savings account wiped clean... is too much.
what a pathetic civilisation, honestly
Honestly one of the most underrated channels on UA-cam. Keep on!
Really appreciate it! Thanks.
Please do a pseudonym video! I'd especially love to hear about the extra phone number.
Thanks!
Agreed, the phone number is problematic. I recently tried to work around it with a sign-up and all of the sites which provided promised active phone numbers that would reply to an SMS query used VOIP numbers which can be identified and rejected by the service that demands the phone number. So far, the only thing that seems to work is to get a burner phone and that is too costly for my purposes. Yeah, you can get a Google Voice number but then you have to give your real number to Google and that's no good.
@@mikethelma Just food for thought but if you have an Android phone, Google already has your phone number.
Do this 😃
@@AllThingsSecured yes please. it has been 1 year. would love to see it. sure it'll be fun for you too.
Thanks for another great presentation. I am definitely interested in redirecting junk and spam mail somewhere else as well as separating out my billing and shopping e-mails. Being able to add a false address and phone # are particularly intriguing to combat potential hackers and telemarketers. Since so many places use confirmation e-mails, I didn't know this was even an option.
After watching two of your email security videos, I'm very much intrigued. Subscribed and looking forward to learning how to improve my privacy and security.
Jason seems like a nice guy, would love to hear more!
Haha!
Last I heard he was working on the Treadstone project.
yes !!! need that fictitious on line setup
I like Protonmail too, but when you mentioned it's security benefits for your financial email and being end-to-end encrypted... I thought that's only if the receiving party is using it as well. Your financial institutions are probably not using Protonmail, therefore it isn't end-to-end encrypted, right?
That is correct. I should have been more clear. The benefit is not the E2E encryption here. It's the fact that you're not using the same email address for your financial institutions that you are for every other account on the internet. So when a data breach occurs and your other emails are compromised, the login credentials for your sensitive financial accounts isn't on the dark web.
@@AllThingsSecured thanks for the clarification. I think it’s also a benefit to not have google (or yahoo, etc.) skimming through our email for marketing or any other purpose. I enjoy your content and appreciate your efforts. Cheers
@@waxjock Many apps have trackers to find email addresses on one’s computer. Probably the only way is to have a separate computer strictly for sensitive email access only. Anyone have any thoughts on this?
@@AllThingsSecured This was the correct answer that you should have given the other guy too. I suggest editing your video to further clarify that point, which was very misleading.
Tutanota is another great option! Been a premium customer over there for many years
This was well stated but even so it seems complicated. I have trouble understanding how you keep all this straight and how like your Netflix account how the Alias or Group makes it easier to remember or find.
I love your channel and have taken many of your suggestions and implemented them. I do want to clarify though, Proton end to end encryption only exists from proton email account to proton email account. Emails to / from your bank, lawyer, etc. are not encrypted if they do not use a Proton account. Any non-Proton account to Proton email, or Proton email to any non-Proton account is not encrypted end to end.
I had pretty much all my google account stuff leaked in several diffeent batches. And being exhausted on top of that really sucked. Took me a long time to get started with everything. But now I’m reclaiming or deleting every single account using aliases in all cases where it’s possible and randomised passwords for those kept by proton pass.
Some 150 accounts is going to take a good chunk of time to get through. Also doing this for all my closest family with the help of the Proton family plan. Next piece is going to be Yubikey, having a spare in a safe as well as saving backup keys or key phrases for whatever service has it enabled.
Hi Josh, a separate video about how to create and use a complete pseudonym account would be very interesting!
Thanks, Markus!
I second that emotion. A systematic way to create and utilize a fully functional acct with all necessary information would be great.
This is a pain. But it’s worth it. I’m doing that now. Paid for a domain and a mail service. Now I keep all the stuff separate. I had to abandon 2 emails because of the constant spamming. I love it 😊
I understand.
@@AllThingsSecured man no you dont
I'm definitely interested in the pseudonym video. I've created my own but it would be great to know if I'm doing it right.
Awesome! I will in 2023.
@@AllThingsSecured Looking forward to it. I've not looked at all of your vids but I'd be interested in your method of handling the phone number problem.
JOSH, you are a wealth of useful knowledge and information ,I appreciate and thank you for your help.
My pleasure!
Wait.. but with Proton, isn't the end to end encryption ONLY when you send and receive emails from another Proton user?
Yep, but when you recieve it. Services like google scan everything, but proton cant
There are ways to have the message encrypted using non secure email providers as well, but that involves extra steps.
Hello John, great video and just in time for what I want to do now. I'm curious with this approach which email would you use for regular things like utility bills (and accounts), medical and lab results and things of that nature: communications that are not conversations with friends and family, nor are they business related, neither marketing... thanks! By the way, utility accounts as well as medical accounts will normally get linked to your SSN and mailing address... so....
Good idea about categories for SimpleLogin. Definitely has some benefits.
Brilliant content Jason ❤
😂👍
This is really work but in the end I believe worth it. So question is there anyone that has any of your real email addresses other than family and friends? Do all your banks have aliases including Proton? I must say this is bad we have to do all this but this video is good stuff I’m learning a lot.
I am so happy, I found this channel. Good Stuff!
Thanks, Peter!
Excellent video and breakdown on using an email alias for different purposes. I been wanting to do it for years and like your breakdown.
I originally started using email forwards about 20 years ago when my wife and I were using the same email address for family messages and it was hard to track whether I had seen an email or not since she could have marked it as read. Then I realized I could create more and use rules to sort them into folders. I can't imagine now doing it any other way.
Once you start, it’s hard to go back!
Very interested in learning more about aliases and how to use them
Interesting approach. I don't really understand what you mean by "inbox" here. Is it a separate mail server, or just a particular folder on your personal account which is filtered by the alias to which an email is sent? The encrypted one seems like it has to be a special account, but all the others can be done with a filter on your email client, no?
With respect to private, encrypted email communications at around 4:30 in the video, Proton mail is of NO VALUE unless BOTH sender and receiver are using it. Your bank, financial institution, etc. are NOT encrypting their email messages to you. So your comment at 4:30 in the video is very, very misleading.
Your videos are extemely well scripted, your mimic and gesture amazingly underlines everything you say, making your videos a very pleasurable experience to watch.
Thanks 🙏
The best communication with your financial institutions, doctors, etc, would be their own servers. Usually, they will send you an unencrypted email saying such a message to you exists, and you'll need to login to see it.
I went a step ahead and created a global filter to create aliases on the fly so I don't have to "create" a new alias. I use a brand new email alias for each website I log in. You need your own domain and hosting to do this.
Hi Josh, great content!!! Loved the idea of aliases.
Quick question.. you mentioned you use a dedicated inbox for financial accounts .. do you use aliases for each of your financial accounts or do you use the email address that is linked to the inbox?
Fictitious online persona? Fascinating! Would love a deep dive into this.
Yes, I'm interested in more information about creating an online persona. Particularly with a different phone number because many places will only let you open an account by authenticating your mobile number. My number is now compromised because of it. Now, I'm receiving texts and calls from not only unwanted marketers but scammers as well. In fact, I came to your channel hoping to find that you had already made a video on alternate phone numbers.
The virtual numbers are becoming more difficult. I've had 2 for 7 years. Unfortunately, many sites will reject them now because they're typically assigned as pre-paid or VOIP (voice over IP). They insts you have a real number they can sell (IMO), although I'm sure they'll claim security.
It's still worth getting one though - All Thing Secured has a good video on that. I've not had ONE robo since I got by first one, and maybe 3 telemarketing people, in those 7 years. Set it up to require an extension to get through (and don't use 0 or 1) - robocallers aren't setup to handle that (only because it's rare).
While your proton mail inbox is encrypted, they store your private encryption key on their server, which means anyone who hacks their server will have access to that server's keys and associated inboxes.
In addition to that, the end to end encryption only occurs between proton mail users, unless you're using the password protected email setting when you send to people who don't use proton mail.
Proton mail also logs IP addresses, among other issues, so they're not particularly good.
I believe you need to do a bit more research since you seem to be very misinformed. They use PGP so anyone with your Public PGP key can send you an encrypted email and send it to you, only you with the private key can decrypt the email. Additionally, Look for their block on zero-access-encryption and you will see that what commented is not the case. Your details may be stored on the server, but all the data on their servers are encrypted-at-rest. To access your data you need to have your password. Unless they hack your account specifically, there is not a way to access your.
Hope this helps.
@@Major_Thorn Okay.
Friends and family are the biggest source of spam and unwanted emails. I give each person their own email alias that directs to my personal inbox, this way when I start seeing spam in my inbox I know which person is the cause, delete their alias and give them a different one. Its especially bad when people CC everyone in their contact list with stupid jokes and then all those people have your email address and you start getting spam from them.
Learned so much, and I'm going to follow your lead.
I had no idea newsletters could be stored directly into a folder.
Now I just need to figure how to do it. Thank You!!
Glad I could help!
Thanks for the video Josh. I posted a comment around August on one of your videos. It was about the LastPass security breach. And today, I received an email about another breach on LastPass. Not sure if I need to transfer to a different password manager or not, but it has been freaking me out a little. Not sure what it means…
Yea, I’m recommending most people to move away from LastPass and toward either Bitwarden or 1Password.
Jason piqued my interest, please share more! Thinking about creating Jacqui ;-)
Ha! I'm sure Jason and Jacqui would make great friends 😂
i have had 5 e-mails addresses for years. soon as i started getting spammed i created the others
one was for serious ones, work related, friends etc
others depending on topics
one was "a never use" one just for confirmation details
every few months i just bulk delete everything
Nice!
Is Protonol mail end to end encrypted while sending mail to bank,,, seems wrong understanding about end to end encryption...
Could you do a tutorial video on the steps taken to set it up like you have done?
YES INDEED
I’ll see what I can do. Perhaps an article or PDF download instead?
@@AllThingsSecured yea that would be better than nothing
@@AllThingsSecured YES! Please consider an article or PDF that steps through setting this up with enough detail that I could accomplish it on my own. I have been trying for years to develop a system like yours, but I have not been able to work out the downstream flow as elegantly as you have done. Thank you for such useful content!
Thanks for the great video and tips. Some quick questions.... You said Email newsletters go to your alias in Personal in box, and all other alias groups go to your Pseudonym. Do you do that even for your shopping and streaming? What happens if you have a complaint and need to get a refund? Don't you need to use a real name for that? Genuine question - trying to streamline own processes here
Please do a psuedonym video. I'm incredibly interested. Also thank you for your content
Thanks!
this is great, particularly you comment about a secure email account
Lol omg where did the idea to use Jason for that come from? You guys are so smart at being funny with computers!
Sarcasm?
I'm going off your security checklist and this is BS we have so many unscrupulous people out there wishing to do us harm. It's taxing to make all of these changes, but it it worth it in the long run!
Thanks for the ideas!
So, when you say "alias", you mean a separate email account, right? I think some email providers allow you to add "aliases" (especially if you are using google workspaces).
also, for your proton mail. end-to-end encryption is just between you and proton, right? if I am dealing with a company that is sending me email via google, google will still be able to read it, no?
Appreciated the video. I'd like to learn more about setting up fictitious online persona. Thanks.
Started watching your channel two weeks ago and I love it. Great content, not to long per movie, really great! Have a two questions:
1. Does it really matter if it is compromised since the attacker does not know the real e-mail address?
2. What happens if the attacker sends for example big file which is too big - does he gets notification from alias or real e-mail address?
Thanks a lot for a help!
"I only give this email address to my family, which means that any email received in that inbox is important to me." Oh, yeah, those crazy conspiracy theories from your dad and those cat video attachments are vital.
I didn’t say YOU had to give the address to your parents. Apparently yours are crazier than mine.
What account do you register with to watch UA-cam and to register when you start on your cell phone?
This is good tactics, but proper end-to-end encryption doesn't exist, except if you have mail servers within your own company you are sending between. Proton or others does only encrypt within their own systems. not outside, to other providers. For that you need to set up something else of a solution. Although, the email are secured within the mailbox itself. not read, not hashed, not scanned in any way. that is the only thing you really get. The alias grouping is a perfect setup though. I've used aliases for the sake of easy login to streaming accounts etc for years. But i didn't know there was a service for this too. perfect! =)
i had been doing this to a lesser extent but will have to look at this again at some point
Glad to hear it.
And what if you need to respond to these emails? You cant respond with a masked email
Does your bank use Proton Mail too? Because if not, than it is secure on their side in same way as any other email.
Thanks for thr content, what email provider do u use for ur business email, and how do u create the different aliases for it? Thanks
I created a 2nd Gmail name and account for another option with privacy, works good. Thinking about a domain name with multiple emails as well.
Sounds good, Tony!
❓ I am really enjoying your channel and appreciate all the how-to vids
I was wondering if you could explain the difference between hide my email vs aliases?
I understand both are types of aliases but can you give me an example where one is more useful than the other or how would you pick between the 2 options... Let's say I'm signing up for Pinterest what would you choose... Hide email or an alias
I have a proton acct so I can use either but proton isn't clear on the DIFFERENCES
Hey Josh, how's it going?
As far as I know the end-to-end encryption in ProtonMail only applies to emails sent and received inside the PM servers (unless you are using PGP or some kind of pre-shared password). That means that when you send an email, for example, to your bank, unless their emails is also being handled by ProtonMail as a Message Transfer Agent (MTA), it is not going to be E2EE. Can you confirm that, or this is not the case anymore? Thanks!
That is correct. As I've said in replies to other comments, I didn't do a good job of explaining that. The value of using a separate E2EE email provider for your banking is not the E2EE, which as you noted does not apply here. The value is in having a login email that isn't publicized anywhere else and therefore is not susceptible to hacks or data leaks from other 3rd parties. Make sense?
@@AllThingsSecured Yess! Makes perfect sense! Thanks for explaining and for all the good work! All the best!
@@AllThingsSecured I'm a little confused still. A default email message from Proton is not encrypted when sent to a non-Proton account, but you can encrypt messages to users outside of Proton Mail using a password (which Rafael mentioned). The best part is, the receiving party has the option to send a secure reply back, even if they are not a Proton Mail subscriber. Is that not considered true E2EE? I use Fastmail as well and do not have that feature, which is why I added Proton to my toolkit.
Btw, loved the video and have started to implement a similar system. As many others have said, I would be interested in a pseudonym video as well. Glad to see you said you'll try to get to one in 2023!
@@AllThingsSecured be a man next time
Started yesturday setting up an alias for every account i own. Now just need a name and number for the UK 😃 could you do a guide on how you can do groups within SimpleLogin? Or a guide on getting fully setup? Ta
Fictitious persona video please. Also, do you have a video on how to host your own secure email server?
Quick question, why not use proton mail aliases rather than simplelogin as they are both proton? 2. Do you use the paid version of simplelogin? if so is it worth it for most ppl?
This is good. but it also sounds like a lot of work plus maintenance (making sure things are setup right, emails flow to the correct place).
its not a one time setup, and we have to "rehearse" multiple times on each scenario to remember the steps to make it fully functional as intended. definitely not a layman friendly approach.
@@JuneAtHomePHi don't have the time to do this. my main concern now is to reduce the time to check spam folder. because some times legit emails goes spam, and spam escaped detection and go into inbox. i had to manually check both inbox and every spam folder email. its time consuming. but i think there is a better way than outlook rules to check for email name holders better. i wish i can blanket some unique multiple keywords together so that i can catch all those spam faster. now the rules needs to be very specific, 2 words, 3 words, in sequence. so spammer just have to change a letter or spacing to get past.
I would love to see a make a new persona online. what to think of, what to do, what to think on..
Great video, Sir. Thank you.
Thanks!
Why not have the Persona account do the shopping directly? Aliasing adds one more layer of complexity that has to be managed. Worth it? Also, assume Financial includes Bank, Credit Companies, Social Security, Investments that have to have your true identity. Are PayPal and Venmo then Shopping (Payment method) or Financial?
Josh, quick question. In the email newsletters that you send out, you have your signature at the bottom. Does this pose any security risk having an image of your signature digitally on something like that? I would like to use my signature as well but haven't due to feeling as though it would be a risk to be stolen for some type of forgery. Any advice?
Maybe just sign a first name, that way, it can’t be used for anything transactional?
Until Josh replies, Imma guess that: it is not a risk since the signature we see is a digitally generated font, i.e. his real sig on paper looks different.
lol surely you don’t think this guy - who is obviously an expert - would put a signature in an email that could jeopardize his security, right? 😂
I want to know about that fictitious email and socials stuff
Enjoy your videos. Ignoring the cost, do you see any downside with someone using Proton for all their email?
what is the downside?? i want to know.
@@duskairableYou'd be really stuck with the monthly subscription fee & still have limited storage space if on the lowest cost plan?
Nice video - but what about all other payment accounts for shopping, online subscriptions, paying bills of any kind - same approach as encrypted email accounts for banking and investments?
Wish you can do a walk through of all these inboxes. I can confused with how the group Alias would work and look like
I’ve started doing this. I’d be interested in setting up an alter ego. I’ve thought about it but not sure the best way to use it
Yea, it's been more of a novelty than a huge asset, but I enjoy it either way.
for proton to be end to end i believe the other user needs to have a proton account, so banks and other institutions may not apply. It is good for proton to proton accounts. from what I know
Yeah do a video on setting up another identity.
Sounds good, Shane!
What are some free email services that are easy to manage?
Great video ! Keep up the good work. I don’t see the point of having a pseudonym account and an aliases account. Seems to be the same to me.
There are different strategies. Thanks!
Anytips on where to categorize, gov stuff like water bills, or service apps like doorsash?
Love a video on ficticious accounts
Please do video Pseudonym, it sounds very helpful
Very confusing … but thanks! At least I became aware …
So, what if you had won the car? Surely they would require some form of ID and in the regulations there's probably something about being disqualified for using false information. Of course the chances of winning something are very small, but why enter at all if you wouldn't be able to collect your price if you did win?
Email and SMS 2FA are unfortunately the only options provided by most services (including financial). Best options for Email 2FA and account recovery?
Good information shared.... 😊😊😊😊
Do you have to have a different service for each of your inboxes? Or are there services that allow multiple accounts?
Thanks for this Josh... great vid man
My pleasure, Rob!
Your contact is valuable to invest time in watching it.
Dear Josh!
What think about the funtionality of fastmail offering similar possibility?
Connecting 1password to fastmail servive, 1password can gerenate "random" email addresses, which connected to the fastmail address.
Which solution should I choose (the 1password with fastmail or this SimpleLogin, what I see in this video)?
Yea, I'm familiar with Fastmail and I like the integration with 1Password. It was a bit too expensive for me, though. If you love the integration and don't mind the cost, definitely use Fastmail.
Great examples! How do you share all these aliases and accounts with your wife (sorry, not to put you on the spot but I think about if something happens to me). Or what is the best/easiest/safest way you recommend to do so?
It’s all part of SimpleLogin, which she would have access to.
Thank you for this video!
i would love to know how you manage all acounts, an email client app or a software. I also manage multiple email accounts and it is a pain to log in to each and every one to check mail. which has resulted in me missing some mails...Would love to know about your process of handling multiple accounts at once
When you say different email account, do you mean different providers? Google you can only use 1 account with your number so would i need to create a yahoo account, outlook account etc etc to have the 4/5 accounts. I understand using aliases but you still need a main account email to use anonaddy or simplelogin, if so which accounts are best for each account and the recovery accounts
Very helpful, thank you!
Hi Josh,
Does a provider like simplelogin suffer from the same security concerns as a vpn? In the sense that I must trust them not to leak my info in order for my aliases to remain anonymous? Similarly, if they are hacked?
Thank you!
Ideally you’re not using these aliases for important email, so it doesn’t matter.
I'm not sure I understand the difference between an inbox and an email address. Doesn't every email address have an inbox? And doesn't every inbox have an email address? So, are alias email addresses email accounts with inboxes, that don't store emails in the inbox, but forward them to another account?
What data did you use to restore/backup login to these accounts?