Does this setup make sense? Leave any questions below and if you own your own email domain, it's essential that you create DMARC protection. See how EasyDMARC can help and get 10% off their plans using promo code ATSPROMO here: www.easydmarc.com
@@Criticalmaze if all your aliases forward to the same email address you'll still get flooded with spam, and won't be able to differentiate a phishing attack from a genuine back event.
So, you're telling your audience (and you freely admit) to stealing from businesses like the car show you mentioned. The deal is that that show was giving you access and free stuff in exchange for your contact information. However, you chose to lie. That sounds like theft or fraud at least in moral terms, if not prosecutable terms.
@@esc952 considering "business as usual" these days is to set up a spam filter I would hardly call it stealing, more like a change without a difference
I had a method of doing that 40 years ago. I used a different middle initial for everything. That's how I learned that even the DMV sells your contact info, the drugstore, magazines, car dealerships... My doctor is innocent.
@@pinkmillk I first used a unique initial for Popular science in 1978. And hand-shredded anything headed to the garbage with my personal info on it until I bought my first shredder about 20 years later. I think I'm (a) weird, and (b) ahead of the game.
@@likebot. Yes, I did this way back in the 1960s and it worked a treat. Just looking at my address and noticing the initial told me who was to blame and then I could "divorce" them. LOL :)
...this is how we live our lives now.... trying to mask our identities ... anonymity ... burner phones... dodging spam advertising ..... VPN's.... 1065 passwords for 12 email addresses saved in a cloud that we pay for with anonymous/burner credit cards ..... i'm 57yo now... good luck to you all 😒
Agreed, the phone number is problematic. I recently tried to work around it with a sign-up and all of the sites which provided promised active phone numbers that would reply to an SMS query used VOIP numbers which can be identified and rejected by the service that demands the phone number. So far, the only thing that seems to work is to get a burner phone and that is too costly for my purposes. Yeah, you can get a Google Voice number but then you have to give your real number to Google and that's no good.
Great instructional video. I recall someone telling me that in cases in which they don't want to give out their normal email (thereby ending up with a lot of unrequested email) they use the normal account address they have, but they add a character(s) to the same email account, but it comes in with that character, not affecting the established email account. If I recall, a punctuation is used after the character. This way, they can scan for the added character and dispose of the email as needed and the sender doesn't have his true email address.
I wish I had a live person like you sitting next to me at my desk helping me along. I need to set up a new email address for my bank accounts but have no Idea what I'm doing!
Thanks for another great presentation. I am definitely interested in redirecting junk and spam mail somewhere else as well as separating out my billing and shopping e-mails. Being able to add a false address and phone # are particularly intriguing to combat potential hackers and telemarketers. Since so many places use confirmation e-mails, I didn't know this was even an option.
I appreciate this advice, and I like this video, but I also have to agree with the people here who feel like this is all way too much, mentally. I was talking with a friend last year about this topic, and he was gung-ho on creating and managing a whole slew of online identities. Basically like multiple personalities plus a whole accounting system full of aliases. Yes, I have one or two pseudonymous email accounts, but I not a whole lot, and frankly I find it too exhausting to bother using them very much. I will literally rather live the life of a near-hermit and just plain not receive the newsletters, not participate in the interactions, not make the new friends, not buy from the new additional businesses, and so on. This is why we can't have nice things.
After watching two of your email security videos, I'm very much intrigued. Subscribed and looking forward to learning how to improve my privacy and security.
@@AllThingsSecured Looking forward to it. I've not looked at all of your vids but I'd be interested in your method of handling the phone number problem.
This was well stated but even so it seems complicated. I have trouble understanding how you keep all this straight and how like your Netflix account how the Alias or Group makes it easier to remember or find.
I like Protonmail too, but when you mentioned it's security benefits for your financial email and being end-to-end encrypted... I thought that's only if the receiving party is using it as well. Your financial institutions are probably not using Protonmail, therefore it isn't end-to-end encrypted, right?
That is correct. I should have been more clear. The benefit is not the E2E encryption here. It's the fact that you're not using the same email address for your financial institutions that you are for every other account on the internet. So when a data breach occurs and your other emails are compromised, the login credentials for your sensitive financial accounts isn't on the dark web.
@@AllThingsSecured thanks for the clarification. I think it’s also a benefit to not have google (or yahoo, etc.) skimming through our email for marketing or any other purpose. I enjoy your content and appreciate your efforts. Cheers
@@waxjock Many apps have trackers to find email addresses on one’s computer. Probably the only way is to have a separate computer strictly for sensitive email access only. Anyone have any thoughts on this?
@@AllThingsSecured This was the correct answer that you should have given the other guy too. I suggest editing your video to further clarify that point, which was very misleading.
I love your channel and have taken many of your suggestions and implemented them. I do want to clarify though, Proton end to end encryption only exists from proton email account to proton email account. Emails to / from your bank, lawyer, etc. are not encrypted if they do not use a Proton account. Any non-Proton account to Proton email, or Proton email to any non-Proton account is not encrypted end to end.
Started watching your channel two weeks ago and I love it. Great content, not to long per movie, really great! Have a two questions: 1. Does it really matter if it is compromised since the attacker does not know the real e-mail address? 2. What happens if the attacker sends for example big file which is too big - does he gets notification from alias or real e-mail address? Thanks a lot for a help!
This is a pain. But it’s worth it. I’m doing that now. Paid for a domain and a mail service. Now I keep all the stuff separate. I had to abandon 2 emails because of the constant spamming. I love it 😊
This is really work but in the end I believe worth it. So question is there anyone that has any of your real email addresses other than family and friends? Do all your banks have aliases including Proton? I must say this is bad we have to do all this but this video is good stuff I’m learning a lot.
Your videos are extemely well scripted, your mimic and gesture amazingly underlines everything you say, making your videos a very pleasurable experience to watch.
Learned so much, and I'm going to follow your lead. I had no idea newsletters could be stored directly into a folder. Now I just need to figure how to do it. Thank You!!
I originally started using email forwards about 20 years ago when my wife and I were using the same email address for family messages and it was hard to track whether I had seen an email or not since she could have marked it as read. Then I realized I could create more and use rules to sort them into folders. I can't imagine now doing it any other way.
Thanks for the video Josh. I posted a comment around August on one of your videos. It was about the LastPass security breach. And today, I received an email about another breach on LastPass. Not sure if I need to transfer to a different password manager or not, but it has been freaking me out a little. Not sure what it means…
Yes, I'm interested in more information about creating an online persona. Particularly with a different phone number because many places will only let you open an account by authenticating your mobile number. My number is now compromised because of it. Now, I'm receiving texts and calls from not only unwanted marketers but scammers as well. In fact, I came to your channel hoping to find that you had already made a video on alternate phone numbers.
The virtual numbers are becoming more difficult. I've had 2 for 7 years. Unfortunately, many sites will reject them now because they're typically assigned as pre-paid or VOIP (voice over IP). They insts you have a real number they can sell (IMO), although I'm sure they'll claim security. It's still worth getting one though - All Thing Secured has a good video on that. I've not had ONE robo since I got by first one, and maybe 3 telemarketing people, in those 7 years. Set it up to require an extension to get through (and don't use 0 or 1) - robocallers aren't setup to handle that (only because it's rare).
I had pretty much all my google account stuff leaked in several diffeent batches. And being exhausted on top of that really sucked. Took me a long time to get started with everything. But now I’m reclaiming or deleting every single account using aliases in all cases where it’s possible and randomised passwords for those kept by proton pass. Some 150 accounts is going to take a good chunk of time to get through. Also doing this for all my closest family with the help of the Proton family plan. Next piece is going to be Yubikey, having a spare in a safe as well as saving backup keys or key phrases for whatever service has it enabled.
did not understand. Give examples. Reading is easier to understand. Is the same alias used once or lots or to certain groups. I cant remember alias emails plus real emails. Plus a password for each. no way
Thanks for the great video and tips. Some quick questions.... You said Email newsletters go to your alias in Personal in box, and all other alias groups go to your Pseudonym. Do you do that even for your shopping and streaming? What happens if you have a complaint and need to get a refund? Don't you need to use a real name for that? Genuine question - trying to streamline own processes here
While your proton mail inbox is encrypted, they store your private encryption key on their server, which means anyone who hacks their server will have access to that server's keys and associated inboxes. In addition to that, the end to end encryption only occurs between proton mail users, unless you're using the password protected email setting when you send to people who don't use proton mail. Proton mail also logs IP addresses, among other issues, so they're not particularly good.
I believe you need to do a bit more research since you seem to be very misinformed. They use PGP so anyone with your Public PGP key can send you an encrypted email and send it to you, only you with the private key can decrypt the email. Additionally, Look for their block on zero-access-encryption and you will see that what commented is not the case. Your details may be stored on the server, but all the data on their servers are encrypted-at-rest. To access your data you need to have your password. Unless they hack your account specifically, there is not a way to access your. Hope this helps.
@@AllThingsSecured YES! Please consider an article or PDF that steps through setting this up with enough detail that I could accomplish it on my own. I have been trying for years to develop a system like yours, but I have not been able to work out the downstream flow as elegantly as you have done. Thank you for such useful content!
i have had 5 e-mails addresses for years. soon as i started getting spammed i created the others one was for serious ones, work related, friends etc others depending on topics one was "a never use" one just for confirmation details every few months i just bulk delete everything
Friends and family are the biggest source of spam and unwanted emails. I give each person their own email alias that directs to my personal inbox, this way when I start seeing spam in my inbox I know which person is the cause, delete their alias and give them a different one. Its especially bad when people CC everyone in their contact list with stupid jokes and then all those people have your email address and you start getting spam from them.
I'm not sure I understand the difference between an inbox and an email address. Doesn't every email address have an inbox? And doesn't every inbox have an email address? So, are alias email addresses email accounts with inboxes, that don't store emails in the inbox, but forward them to another account?
Nice video - but what about all other payment accounts for shopping, online subscriptions, paying bills of any kind - same approach as encrypted email accounts for banking and investments?
"I only give this email address to my family, which means that any email received in that inbox is important to me." Oh, yeah, those crazy conspiracy theories from your dad and those cat video attachments are vital.
So, what if you had won the car? Surely they would require some form of ID and in the regulations there's probably something about being disqualified for using false information. Of course the chances of winning something are very small, but why enter at all if you wouldn't be able to collect your price if you did win?
What do you do when one of your "close friends or family" forwards your very private email address to other people or has their email address book hacked?
Why not have the Persona account do the shopping directly? Aliasing adds one more layer of complexity that has to be managed. Worth it? Also, assume Financial includes Bank, Credit Companies, Social Security, Investments that have to have your true identity. Are PayPal and Venmo then Shopping (Payment method) or Financial?
Started yesturday setting up an alias for every account i own. Now just need a name and number for the UK 😃 could you do a guide on how you can do groups within SimpleLogin? Or a guide on getting fully setup? Ta
As a person that heavy into encrypted emails, and privacy - I have been using temp emails from various sites, and recently thought about using aliases. I didnt think it would help with spam and i have a huge problem with that. Thanks for the knowledge.
@All Things Secured so far its been working good. Got a simple login and found a couple other sites which are just free like zoho and forward email. Only trouble im having with simple login is the pgp encryption messages arent decrypting...not sure why or what it could be on my part but trying out all my options. Thank you for the deeper understanding, I kept making many custom emails and never learned about aliases for emails till now. Gamechanger for sure!
How does one use the email alias to reply to the sender? I can't figure out how to do this. I use hide my email and love it but the only way to reply to send is through my actual email which I don't want to do as it would defeat the purpose of using hide my email.
Quick question, why not use proton mail aliases rather than simplelogin as they are both proton? 2. Do you use the paid version of simplelogin? if so is it worth it for most ppl?
This is good. but it also sounds like a lot of work plus maintenance (making sure things are setup right, emails flow to the correct place). its not a one time setup, and we have to "rehearse" multiple times on each scenario to remember the steps to make it fully functional as intended. definitely not a layman friendly approach.
@@JuneAtHomePHi don't have the time to do this. my main concern now is to reduce the time to check spam folder. because some times legit emails goes spam, and spam escaped detection and go into inbox. i had to manually check both inbox and every spam folder email. its time consuming. but i think there is a better way than outlook rules to check for email name holders better. i wish i can blanket some unique multiple keywords together so that i can catch all those spam faster. now the rules needs to be very specific, 2 words, 3 words, in sequence. so spammer just have to change a letter or spacing to get past.
for proton to be end to end i believe the other user needs to have a proton account, so banks and other institutions may not apply. It is good for proton to proton accounts. from what I know
Great examples! How do you share all these aliases and accounts with your wife (sorry, not to put you on the spot but I think about if something happens to me). Or what is the best/easiest/safest way you recommend to do so?
This is good tactics, but proper end-to-end encryption doesn't exist, except if you have mail servers within your own company you are sending between. Proton or others does only encrypt within their own systems. not outside, to other providers. For that you need to set up something else of a solution. Although, the email are secured within the mailbox itself. not read, not hashed, not scanned in any way. that is the only thing you really get. The alias grouping is a perfect setup though. I've used aliases for the sake of easy login to streaming accounts etc for years. But i didn't know there was a service for this too. perfect! =)
i would love to know how you manage all acounts, an email client app or a software. I also manage multiple email accounts and it is a pain to log in to each and every one to check mail. which has resulted in me missing some mails...Would love to know about your process of handling multiple accounts at once
But isnt protonmail end to end encrypted only for protonmail to protonmail accounts? Also I was trying to use simple login and apple hide to create an account with Skype, and they rejected untill I provide what the called "a valid email address". Last, have you tried DDG email addresses?
Hey Josh, how's it going? As far as I know the end-to-end encryption in ProtonMail only applies to emails sent and received inside the PM servers (unless you are using PGP or some kind of pre-shared password). That means that when you send an email, for example, to your bank, unless their emails is also being handled by ProtonMail as a Message Transfer Agent (MTA), it is not going to be E2EE. Can you confirm that, or this is not the case anymore? Thanks!
That is correct. As I've said in replies to other comments, I didn't do a good job of explaining that. The value of using a separate E2EE email provider for your banking is not the E2EE, which as you noted does not apply here. The value is in having a login email that isn't publicized anywhere else and therefore is not susceptible to hacks or data leaks from other 3rd parties. Make sense?
@@AllThingsSecured I'm a little confused still. A default email message from Proton is not encrypted when sent to a non-Proton account, but you can encrypt messages to users outside of Proton Mail using a password (which Rafael mentioned). The best part is, the receiving party has the option to send a secure reply back, even if they are not a Proton Mail subscriber. Is that not considered true E2EE? I use Fastmail as well and do not have that feature, which is why I added Proton to my toolkit. Btw, loved the video and have started to implement a similar system. As many others have said, I would be interested in a pseudonym video as well. Glad to see you said you'll try to get to one in 2023!
Does this setup make sense? Leave any questions below and if you own your own email domain, it's essential that you create DMARC protection. See how EasyDMARC can help and get 10% off their plans using promo code ATSPROMO here: www.easydmarc.com
品牌O999
By the way what is the point of multiple emails if you can have one with multiple alaises
@@Criticalmaze if all your aliases forward to the same email address you'll still get flooded with spam, and won't be able to differentiate a phishing attack from a genuine back event.
So, you're telling your audience (and you freely admit) to stealing from businesses like the car show you mentioned. The deal is that that show was giving you access and free stuff in exchange for your contact information. However, you chose to lie. That sounds like theft or fraud at least in moral terms, if not prosecutable terms.
@@esc952 considering "business as usual" these days is to set up a spam filter I would hardly call it stealing, more like a change without a difference
I like that if you use a different alias for everything, you can really figure out who's breached or leaking info.
I had a method of doing that 40 years ago. I used a different middle initial for everything. That's how I learned that even the DMV sells your contact info, the drugstore, magazines, car dealerships... My doctor is innocent.
Yea, that's another benefit of the "unique alias for every account" approach.
@@likebot. 40 years ago? You were doing this for your paper mail? That's commitment! 👏👏👏
@@pinkmillk I first used a unique initial for Popular science in 1978. And hand-shredded anything headed to the garbage with my personal info on it until I bought my first shredder about 20 years later. I think I'm (a) weird, and (b) ahead of the game.
@@likebot. Yes, I did this way back in the 1960s and it worked a treat. Just looking at my address and noticing the initial told me who was to blame and then I could "divorce" them. LOL :)
...this is how we live our lives now.... trying to mask our identities ... anonymity ... burner phones... dodging spam advertising ..... VPN's.... 1065 passwords for 12 email addresses saved in a cloud that we pay for with anonymous/burner credit cards ..... i'm 57yo now... good luck to you all 😒
Well internet is like a second earth so its not a big deal i think🤷♂️ and being 57yo doesn't mean you have to be open to the world
Exactly. This is too much.
@@user-fb2cb6xp7c He might mean that being 57yr old he has less time to tackle fighting scammers and harassers compared to us younger ones. 😊
@@Isabella-wo9bg having your bank account and savings account wiped clean... is too much.
It’s exhausting!
Please do a pseudonym video! I'd especially love to hear about the extra phone number.
Thanks!
Agreed, the phone number is problematic. I recently tried to work around it with a sign-up and all of the sites which provided promised active phone numbers that would reply to an SMS query used VOIP numbers which can be identified and rejected by the service that demands the phone number. So far, the only thing that seems to work is to get a burner phone and that is too costly for my purposes. Yeah, you can get a Google Voice number but then you have to give your real number to Google and that's no good.
@@mikethelma Just food for thought but if you have an Android phone, Google already has your phone number.
Do this 😃
@@AllThingsSecured yes please. it has been 1 year. would love to see it. sure it'll be fun for you too.
Great instructional video. I recall someone telling me that in cases in which they don't want to give out their normal email (thereby ending up with a lot of unrequested email) they use the normal account address they have, but they add a character(s) to the same email account, but it comes in with that character, not affecting the established email account. If I recall, a punctuation is used after the character. This way, they can scan for the added character and dispose of the email as needed and the sender doesn't have his true email address.
I wish I had a live person like you sitting next to me at my desk helping me along. I need to set up a new email address for my bank accounts but have no Idea what I'm doing!
Honestly one of the most underrated channels on UA-cam. Keep on!
Really appreciate it! Thanks.
Thanks for another great presentation. I am definitely interested in redirecting junk and spam mail somewhere else as well as separating out my billing and shopping e-mails. Being able to add a false address and phone # are particularly intriguing to combat potential hackers and telemarketers. Since so many places use confirmation e-mails, I didn't know this was even an option.
I appreciate this advice, and I like this video, but I also have to agree with the people here who feel like this is all way too much, mentally. I was talking with a friend last year about this topic, and he was gung-ho on creating and managing a whole slew of online identities. Basically like multiple personalities plus a whole accounting system full of aliases. Yes, I have one or two pseudonymous email accounts, but I not a whole lot, and frankly I find it too exhausting to bother using them very much. I will literally rather live the life of a near-hermit and just plain not receive the newsletters, not participate in the interactions, not make the new friends, not buy from the new additional businesses, and so on. This is why we can't have nice things.
Jason seems like a nice guy, would love to hear more!
Haha!
Last I heard he was working on the Treadstone project.
After watching two of your email security videos, I'm very much intrigued. Subscribed and looking forward to learning how to improve my privacy and security.
Hi Josh, a separate video about how to create and use a complete pseudonym account would be very interesting!
Thanks, Markus!
I'm definitely interested in the pseudonym video. I've created my own but it would be great to know if I'm doing it right.
Awesome! I will in 2023.
@@AllThingsSecured Looking forward to it. I've not looked at all of your vids but I'd be interested in your method of handling the phone number problem.
This was well stated but even so it seems complicated. I have trouble understanding how you keep all this straight and how like your Netflix account how the Alias or Group makes it easier to remember or find.
I like Protonmail too, but when you mentioned it's security benefits for your financial email and being end-to-end encrypted... I thought that's only if the receiving party is using it as well. Your financial institutions are probably not using Protonmail, therefore it isn't end-to-end encrypted, right?
That is correct. I should have been more clear. The benefit is not the E2E encryption here. It's the fact that you're not using the same email address for your financial institutions that you are for every other account on the internet. So when a data breach occurs and your other emails are compromised, the login credentials for your sensitive financial accounts isn't on the dark web.
@@AllThingsSecured thanks for the clarification. I think it’s also a benefit to not have google (or yahoo, etc.) skimming through our email for marketing or any other purpose. I enjoy your content and appreciate your efforts. Cheers
@@waxjock Many apps have trackers to find email addresses on one’s computer. Probably the only way is to have a separate computer strictly for sensitive email access only. Anyone have any thoughts on this?
@@AllThingsSecured This was the correct answer that you should have given the other guy too. I suggest editing your video to further clarify that point, which was very misleading.
Tutanota is another great option! Been a premium customer over there for many years
JOSH, you are a wealth of useful knowledge and information ,I appreciate and thank you for your help.
My pleasure!
Brilliant content Jason ❤
😂👍
I love your channel and have taken many of your suggestions and implemented them. I do want to clarify though, Proton end to end encryption only exists from proton email account to proton email account. Emails to / from your bank, lawyer, etc. are not encrypted if they do not use a Proton account. Any non-Proton account to Proton email, or Proton email to any non-Proton account is not encrypted end to end.
I am so happy, I found this channel. Good Stuff!
Thanks, Peter!
Excellent video and breakdown on using an email alias for different purposes. I been wanting to do it for years and like your breakdown.
Started watching your channel two weeks ago and I love it. Great content, not to long per movie, really great! Have a two questions:
1. Does it really matter if it is compromised since the attacker does not know the real e-mail address?
2. What happens if the attacker sends for example big file which is too big - does he gets notification from alias or real e-mail address?
Thanks a lot for a help!
This is a pain. But it’s worth it. I’m doing that now. Paid for a domain and a mail service. Now I keep all the stuff separate. I had to abandon 2 emails because of the constant spamming. I love it 😊
I understand.
@@AllThingsSecured man no you dont
This is really work but in the end I believe worth it. So question is there anyone that has any of your real email addresses other than family and friends? Do all your banks have aliases including Proton? I must say this is bad we have to do all this but this video is good stuff I’m learning a lot.
Very interested in learning more about aliases and how to use them
yes !!! need that fictitious on line setup
Wait.. but with Proton, isn't the end to end encryption ONLY when you send and receive emails from another Proton user?
Yep, but when you recieve it. Services like google scan everything, but proton cant
There are ways to have the message encrypted using non secure email providers as well, but that involves extra steps.
Your videos are extemely well scripted, your mimic and gesture amazingly underlines everything you say, making your videos a very pleasurable experience to watch.
Thanks 🙏
Learned so much, and I'm going to follow your lead.
I had no idea newsletters could be stored directly into a folder.
Now I just need to figure how to do it. Thank You!!
Glad I could help!
Fictitious online persona? Fascinating! Would love a deep dive into this.
Jason piqued my interest, please share more! Thinking about creating Jacqui ;-)
Ha! I'm sure Jason and Jacqui would make great friends 😂
I originally started using email forwards about 20 years ago when my wife and I were using the same email address for family messages and it was hard to track whether I had seen an email or not since she could have marked it as read. Then I realized I could create more and use rules to sort them into folders. I can't imagine now doing it any other way.
Once you start, it’s hard to go back!
Thanks for the video Josh. I posted a comment around August on one of your videos. It was about the LastPass security breach. And today, I received an email about another breach on LastPass. Not sure if I need to transfer to a different password manager or not, but it has been freaking me out a little. Not sure what it means…
Yea, I’m recommending most people to move away from LastPass and toward either Bitwarden or 1Password.
Yes, I'm interested in more information about creating an online persona. Particularly with a different phone number because many places will only let you open an account by authenticating your mobile number. My number is now compromised because of it. Now, I'm receiving texts and calls from not only unwanted marketers but scammers as well. In fact, I came to your channel hoping to find that you had already made a video on alternate phone numbers.
The virtual numbers are becoming more difficult. I've had 2 for 7 years. Unfortunately, many sites will reject them now because they're typically assigned as pre-paid or VOIP (voice over IP). They insts you have a real number they can sell (IMO), although I'm sure they'll claim security.
It's still worth getting one though - All Thing Secured has a good video on that. I've not had ONE robo since I got by first one, and maybe 3 telemarketing people, in those 7 years. Set it up to require an extension to get through (and don't use 0 or 1) - robocallers aren't setup to handle that (only because it's rare).
Please do a psuedonym video. I'm incredibly interested. Also thank you for your content
Thanks!
Lol omg where did the idea to use Jason for that come from? You guys are so smart at being funny with computers!
Sarcasm?
I had pretty much all my google account stuff leaked in several diffeent batches. And being exhausted on top of that really sucked. Took me a long time to get started with everything. But now I’m reclaiming or deleting every single account using aliases in all cases where it’s possible and randomised passwords for those kept by proton pass.
Some 150 accounts is going to take a good chunk of time to get through. Also doing this for all my closest family with the help of the Proton family plan. Next piece is going to be Yubikey, having a spare in a safe as well as saving backup keys or key phrases for whatever service has it enabled.
this is great, particularly you comment about a secure email account
Is Protonol mail end to end encrypted while sending mail to bank,,, seems wrong understanding about end to end encryption...
Yeah do a video on setting up another identity.
Sounds good, Shane!
did not understand. Give examples. Reading is easier to understand. Is the same alias used once or lots or to certain groups. I cant remember alias emails plus real emails. Plus a password for each. no way
Thanks for the great video and tips. Some quick questions.... You said Email newsletters go to your alias in Personal in box, and all other alias groups go to your Pseudonym. Do you do that even for your shopping and streaming? What happens if you have a complaint and need to get a refund? Don't you need to use a real name for that? Genuine question - trying to streamline own processes here
Fictitious persona video please. Also, do you have a video on how to host your own secure email server?
Thanks Josh
While your proton mail inbox is encrypted, they store your private encryption key on their server, which means anyone who hacks their server will have access to that server's keys and associated inboxes.
In addition to that, the end to end encryption only occurs between proton mail users, unless you're using the password protected email setting when you send to people who don't use proton mail.
Proton mail also logs IP addresses, among other issues, so they're not particularly good.
I believe you need to do a bit more research since you seem to be very misinformed. They use PGP so anyone with your Public PGP key can send you an encrypted email and send it to you, only you with the private key can decrypt the email. Additionally, Look for their block on zero-access-encryption and you will see that what commented is not the case. Your details may be stored on the server, but all the data on their servers are encrypted-at-rest. To access your data you need to have your password. Unless they hack your account specifically, there is not a way to access your.
Hope this helps.
@@Major_Thorn Okay.
Appreciated the video. I'd like to learn more about setting up fictitious online persona. Thanks.
Could you do a tutorial video on the steps taken to set it up like you have done?
YES INDEED
I’ll see what I can do. Perhaps an article or PDF download instead?
@@AllThingsSecured yea that would be better than nothing
@@AllThingsSecured YES! Please consider an article or PDF that steps through setting this up with enough detail that I could accomplish it on my own. I have been trying for years to develop a system like yours, but I have not been able to work out the downstream flow as elegantly as you have done. Thank you for such useful content!
What are some free email services that are easy to manage?
Thats great but how about a tutorial ?..Thats a tonne of time to figure it out without some guidance..??
Great video, Sir. Thank you.
Thanks!
And what if you need to respond to these emails? You cant respond with a masked email
Very confusing … but thanks! At least I became aware …
i have had 5 e-mails addresses for years. soon as i started getting spammed i created the others
one was for serious ones, work related, friends etc
others depending on topics
one was "a never use" one just for confirmation details
every few months i just bulk delete everything
Nice!
Thanks for this Josh... great vid man
My pleasure, Rob!
i had been doing this to a lesser extent but will have to look at this again at some point
Glad to hear it.
I want to know about that fictitious email and socials stuff
Does your bank use Proton Mail too? Because if not, than it is secure on their side in same way as any other email.
Love a video on ficticious accounts
Friends and family are the biggest source of spam and unwanted emails. I give each person their own email alias that directs to my personal inbox, this way when I start seeing spam in my inbox I know which person is the cause, delete their alias and give them a different one. Its especially bad when people CC everyone in their contact list with stupid jokes and then all those people have your email address and you start getting spam from them.
I'm not sure I understand the difference between an inbox and an email address. Doesn't every email address have an inbox? And doesn't every inbox have an email address? So, are alias email addresses email accounts with inboxes, that don't store emails in the inbox, but forward them to another account?
Your contact is valuable to invest time in watching it.
Thank you for this video!
Nice video - but what about all other payment accounts for shopping, online subscriptions, paying bills of any kind - same approach as encrypted email accounts for banking and investments?
We definitely want to meet your "Alter Eagle" 🦅 could be a small statue on an altar or an actual eagle... Perhaps his name is Walter Eagle
Haha!
This is a year old video, for me is new and always be new, valuable information.... I" m interested in a pseudonym
Very helpful, thank you!
"I only give this email address to my family, which means that any email received in that inbox is important to me." Oh, yeah, those crazy conspiracy theories from your dad and those cat video attachments are vital.
I didn’t say YOU had to give the address to your parents. Apparently yours are crazier than mine.
Thanks for thr content, what email provider do u use for ur business email, and how do u create the different aliases for it? Thanks
I created a 2nd Gmail name and account for another option with privacy, works good. Thinking about a domain name with multiple emails as well.
Sounds good, Tony!
I would love to see a make a new persona online. what to think of, what to do, what to think on..
Enjoy your videos. Ignoring the cost, do you see any downside with someone using Proton for all their email?
what is the downside?? i want to know.
@@duskairableYou'd be really stuck with the monthly subscription fee & still have limited storage space if on the lowest cost plan?
Wish you can do a walk through of all these inboxes. I can confused with how the group Alias would work and look like
What account do you register with to watch UA-cam and to register when you start on your cell phone?
So, what if you had won the car? Surely they would require some form of ID and in the regulations there's probably something about being disqualified for using false information. Of course the chances of winning something are very small, but why enter at all if you wouldn't be able to collect your price if you did win?
Email and SMS 2FA are unfortunately the only options provided by most services (including financial). Best options for Email 2FA and account recovery?
What do you do when one of your "close friends or family" forwards your very private email address to other people or has their email address book hacked?
Why not have the Persona account do the shopping directly? Aliasing adds one more layer of complexity that has to be managed. Worth it? Also, assume Financial includes Bank, Credit Companies, Social Security, Investments that have to have your true identity. Are PayPal and Venmo then Shopping (Payment method) or Financial?
Started yesturday setting up an alias for every account i own. Now just need a name and number for the UK 😃 could you do a guide on how you can do groups within SimpleLogin? Or a guide on getting fully setup? Ta
When you use an alias for login you need to be sure that that "alias company" will work tomorrow.
I’ve started doing this. I’d be interested in setting up an alter ego. I’ve thought about it but not sure the best way to use it
Yea, it's been more of a novelty than a huge asset, but I enjoy it either way.
Please do video Pseudonym, it sounds very helpful
As a person that heavy into encrypted emails, and privacy - I have been using temp emails from various sites, and recently thought about using aliases. I didnt think it would help with spam and i have a huge problem with that. Thanks for the knowledge.
I hope it works out for you.
@All Things Secured so far its been working good. Got a simple login and found a couple other sites which are just free like zoho and forward email. Only trouble im having with simple login is the pgp encryption messages arent decrypting...not sure why or what it could be on my part but trying out all my options. Thank you for the deeper understanding, I kept making many custom emails and never learned about aliases for emails till now. Gamechanger for sure!
How does one use the email alias to reply to the sender? I can't figure out how to do this. I use hide my email and love it but the only way to reply to send is through my actual email which I don't want to do as it would defeat the purpose of using hide my email.
What are good names to use for a fake email? Professional email
Quick question, why not use proton mail aliases rather than simplelogin as they are both proton? 2. Do you use the paid version of simplelogin? if so is it worth it for most ppl?
I am wondering, if we access all Internet(newslatter,etc.) using Email aliases then what is the use of primary email?
This is good. but it also sounds like a lot of work plus maintenance (making sure things are setup right, emails flow to the correct place).
its not a one time setup, and we have to "rehearse" multiple times on each scenario to remember the steps to make it fully functional as intended. definitely not a layman friendly approach.
@@JuneAtHomePHi don't have the time to do this. my main concern now is to reduce the time to check spam folder. because some times legit emails goes spam, and spam escaped detection and go into inbox. i had to manually check both inbox and every spam folder email. its time consuming. but i think there is a better way than outlook rules to check for email name holders better. i wish i can blanket some unique multiple keywords together so that i can catch all those spam faster. now the rules needs to be very specific, 2 words, 3 words, in sequence. so spammer just have to change a letter or spacing to get past.
for proton to be end to end i believe the other user needs to have a proton account, so banks and other institutions may not apply. It is good for proton to proton accounts. from what I know
I would love to learn how to make a fictitious online persona
Anytips on where to categorize, gov stuff like water bills, or service apps like doorsash?
Should I use an alias to create an Apple ID account?
Great examples! How do you share all these aliases and accounts with your wife (sorry, not to put you on the spot but I think about if something happens to me). Or what is the best/easiest/safest way you recommend to do so?
It’s all part of SimpleLogin, which she would have access to.
This is good tactics, but proper end-to-end encryption doesn't exist, except if you have mail servers within your own company you are sending between. Proton or others does only encrypt within their own systems. not outside, to other providers. For that you need to set up something else of a solution. Although, the email are secured within the mailbox itself. not read, not hashed, not scanned in any way. that is the only thing you really get. The alias grouping is a perfect setup though. I've used aliases for the sake of easy login to streaming accounts etc for years. But i didn't know there was a service for this too. perfect! =)
Good information shared.... 😊😊😊😊
Great video, thank you! It's would very useful also a video regarding creating a pseudonym inbox!
Will do!
@@AllThingsSecured Thank you!!
i would love to know how you manage all acounts, an email client app or a software. I also manage multiple email accounts and it is a pain to log in to each and every one to check mail. which has resulted in me missing some mails...Would love to know about your process of handling multiple accounts at once
Great video! Thanks.
But isnt protonmail end to end encrypted only for protonmail to protonmail accounts? Also I was trying to use simple login and apple hide to create an account with Skype, and they rejected untill I provide what the called "a valid email address". Last, have you tried DDG email addresses?
Hey Josh, how's it going?
As far as I know the end-to-end encryption in ProtonMail only applies to emails sent and received inside the PM servers (unless you are using PGP or some kind of pre-shared password). That means that when you send an email, for example, to your bank, unless their emails is also being handled by ProtonMail as a Message Transfer Agent (MTA), it is not going to be E2EE. Can you confirm that, or this is not the case anymore? Thanks!
That is correct. As I've said in replies to other comments, I didn't do a good job of explaining that. The value of using a separate E2EE email provider for your banking is not the E2EE, which as you noted does not apply here. The value is in having a login email that isn't publicized anywhere else and therefore is not susceptible to hacks or data leaks from other 3rd parties. Make sense?
@@AllThingsSecured Yess! Makes perfect sense! Thanks for explaining and for all the good work! All the best!
@@AllThingsSecured I'm a little confused still. A default email message from Proton is not encrypted when sent to a non-Proton account, but you can encrypt messages to users outside of Proton Mail using a password (which Rafael mentioned). The best part is, the receiving party has the option to send a secure reply back, even if they are not a Proton Mail subscriber. Is that not considered true E2EE? I use Fastmail as well and do not have that feature, which is why I added Proton to my toolkit.
Btw, loved the video and have started to implement a similar system. As many others have said, I would be interested in a pseudonym video as well. Glad to see you said you'll try to get to one in 2023!
@@AllThingsSecured be a man next time
Does alias work for creating multiple 20GB free MEGA accounts?
I’m not sure, but I would bet that it’s against their terms of service.
Great stuff.