Ask HN: How do you stop email being a single point of failure for security?

4 points by jpallen ↗ HN
What strategies do you use to stop email being a single point of failure in all of your security?

At the moment, I use a single email address to sign up to nearly everything, so if this was compromised an attacker would have access to all the services I use, including backups. I use 2 Factor Auth (2FA) via Google Authenticator on my phone, but since I use the same security methods for my main services and my backups, the backups aren't really protecting against account compromise (e.g. if my phone was stolen).

How can I help to protect against this? Should I use a separate email account just for backups? Or a different form of 2FA, such a a U2F USB key?

Thanks!

0 comments

[ 3.0 ms ] story [ 10.7 ms ] thread

No comments yet.