Copying the data to an external drive and keeping it in the same location as the original is even worse. Where do it put it? The bank only has so many safe-deposit boxes - mine doesn't have any available atm.
Giving the drive to friends or family isn't viable either because I need to encrypt the data and need to store the keys somewhere. So the cloud, i.e. AWS, Azure, Backblaze, etc. is actually a pretty good place.
It is not either or. There is a reason why it is 3-2-1.
> Giving the drive to friends or family isn't viable either because I need to encrypt the data and need to store the keys somewhere.
? You don't need to store the keys anywhere, just a password. And even if you can't remember passwords, the threat model "friends and family" allows for easy passphrases or even sticky notes with password hints.
Depends on the "Cloud".. cloud is and will always be "someone else's computer, somewhere else". Google Drive is not a backup. Carbonite (or Crashplan) is a backup solution.
Of course a successful backup needs to be at least "3-2-1". Not "1" (Google Drive).
One thing I'm excited for is when syncthing implements encrypted devices, so that I and a family member can have syncthing folders that we share with each of them for each of our respective backups.
They share data with me and my computer holds it safely for them even though I can't read it myself, and vice versa.
their house burns down or is flooded? They have their data ready to download from my machine. Same for me. No cloud provider necessary.
I want more redundancy? Add more encrypted devices somewhere else, whether it be the family member living out west, the former coworker living in Japan, or the vps I bought for $5 on sale one day.
It's reached the point where five or so agencies have a de-facto oligopoly over our digital life and the t&c are written almost totally in their favour. I took a .zip of my digital life last year, and I intend renewing it periodically.
If you don't already, you can set Google Takeout [0] to create an export of all your Google data every two months for 1 year and it'll email you when it's ready. I download my data and move it to an archive drive, it would be cool if there was a way to automate the process of downloading and storing x latest archives but I haven't looked into it.
"I’ve been using the same Google account for the last 12 years. And to be honest, I’ve never changed the password and never turned on the 2-Step Verification because I was afraid that I’ll lose my phone or forget my password and I won’t be able to access my account any more."
It's a decision I'm sure the author deeply regrets. The author has another post on their blog promoting security practices[1]. Just going to the settings pane to enable 2FA shows your backup options: backup codes, sms, webauthn, etc.
I only remember one password, and that's the password to my password manager. The rest are arbitrary random strings. Always use MFA. I employ efforts to make it difficult for an attacker to port my phone number, too.
At this point in the maturity of the internet these measures should be a no brainer, but it's a good reminder of how far we have to go.
"One of my other Google accounts actually have been inactive for so long that Google doesn’t trust me when I enter the password and there’s no way to recover."
Hm. That probably means I have lost my Google account. The last time I logged in was in 2013.
> But if I lose my phone my number is gone too since I always use prepaid.
Writee is obviously NOT in Europe, where even to get a prepaid you need ID/passport. That way you can keep the same number forever (if you abide to the "add funds even X months). I have phone numbers in 4 countries (that I tend to visit 'often' and all I need to do is add €$£10 every six months to keep them alive.
So one solution for that is to go to that ISP of yours and ask them to bind your number with your ID. And if you lose the SIM one way or another, you show up with your ID/passport and in 10mins you walk out with the same number.
That's not really true. Every SIM I ever got, no one ever asked me for actual ID. Yeah, some required me to fill in a page with my info, I could've written anything there.
Doesn't that cause the opposite problem - for example, someone with access to your prepaid account could change that data and go clone your SIM?
Not much. I guess at some point you realize how much you depend on things and how a single point of failure could greatly perturb your life. Unfortunately diversifying your identity is not as easy as diversifying, say, your stock portfolio. Are people willing to lose parts of their identity in the same way they're willing to lose parts of their assets?
The article seems only to focus on what happens if you lose your ways to authenticate, but another possibility is getting caught in some weird ban wave like spamming emotes on a youtube stream when the streamer asks you to (https://9to5google.com/2019/11/09/google-account-bans-youtub...) (most of these bans seem to have been reversed, but I don't know if that would have happened without the publicity that came from a popular youtuber calling out google for banning his fans ...)
It's still absurd to me that you can get a full account ban for anything, no matter how big or small. Why aren't these bans more fine-grained? Is it so difficult?
This just reminded me how dangerous and foolish it is to use Google as an OAuth sign-in method.
I’ve idiotically done this for a bunch of major services, including freaking medium.com, among many others. Can’t believe I’ve been so careless. Now I worry and wonder how hard it will be get back to regular email & password.
Depends on the service. Sometimes you have to delete your account and start again unfortunately. But if you can, a password manager is a much better solution that generally doesn’t leak information about all systems an account uses to the account provider for the purposes of targeted advertising.
There is talk of implementing per-service bans. They already exist for adsense and google pay. You can today be banned from adsense but allowed to use all other google services.
Customers seem, if anything, more angry about that though...
Most people I speak to about the adsense bans claim their ban was totally unjustified, but then later reveal that they might have clicked on ads on their own webpage "just once or twice to test it"...
There's maybe a small proportion of people falling into this category but since the bans are automated and triggered on obscure rules outside of the account's owner knowledge, I would argue a that a good proportion of bans are just random. The fact that support is close to non-existent just makes it worse for sure.
I had myself an account banned and I can assure you it's really totally random.
Google doesn't ban itself when they violate their own terms of service (Notification spam, mass WiFi network collection, Google Buzz) "just once or twice to test it"
They're angry about that because the "per service" bans are even more capricious. You can get permabanned from something like YouTube for something as fickle as people being unhappy with your videos and mass-flagging them. And of course that's a "per service" ban, but it would turn into a site-wide permaban as soon as Google thought you were trying to evade it and join YT with another account. I won't even get into the whole copyright enforcement stuff which is just as badly implemented, but at least Google has plausible deniability there since the law requires them to ban "repeat" offenders. No, it's everything else that's real crazy and scares a lot of sensible people away.
Why should they be, from Google’s perspective (which obviously skews towards “our algorithm is perfect”)? If you’ve done something banworthy on one of their properties you’re obviously not worth keeping around anyway as you’re likely to violate policies elsewhere.
That's the horrible part about it. You're spamming smileys on a Fortnite stream? No more access to your email, which you require to manage access to five dozen online services including PayPal, probably also stuff like insurance and whatnot.
Considering how vital ones email account is today, it's time for laws that prevent providers from pulling stunts like this on your mail account, no matter whether it's free tier or not.
Not sure if there might not be a legal recourse if they ban access to your email, at least if they don't give you the possibility of downloading an archive of its contents. Because, unless they have deleted it, they have your data in that email.
So, under a GDPR reasoning https://gdpr-info.eu/art-15-gdpr/ do you have a right to a copy of your emails even if they have blocked your account? Unless they have deleted all your data I think it would be a yes.
Have you tried downloading your data from Google? If you have a large data set (for being a loyal user for years) and a slow (non-business-class) internet connection, the server just expires your auth token before you can complete the download.
This has happened to me. I have been able to get it to work by retrying the download until it works, it took me three tries. If that still doesn't work, Google Takeout supports splitting the download into smaller 1 gigabyte chunks which should hopefully be downloadable fast enough. Still annoying though.
If it was decided you had a valid GDPR claim but Google doesn't give you a decent way to download it that's Google's problem.
The question is if they have to give you your emails if they still have them. I think it would be decided they would have to. It might be worth getting ready to be blocked, get blocked, and then demand the data to set the precedent actually. But I am lazy; the virtue of a programmer, the vice of a concerned citizenry.
Why do you need a law if you already have all tools available to prevent a provider lock-in?
Anybody can buy a domain for the price of two coffees and have full control over their email addresses. There is no excuse for being locked in by google. Even if somebody wants to use google's UI, the emails can be forwarded to google, and at the same time backed up somewhere else in case google shuts down the account.
If you consider how vital one's email account is today, it's time to put down some money.
*edit: Buying a domain often comes with an email service. There is no need to run a mailserver.
> Anybody can buy a domain for the price of two coffees and have full control over their email addresses
the only control you have if you go the "own mail server" route is the control on your tears when you see that your mails are rejected by every other mail server in existence because you made it in some random blacklist
Don't have to run your own mail server, nor would your mails be rejected necessarily... There are a lot of providers around which let you use your own domain.
And if you're using your own domain, you're always able to switch providers by updating your mx records.
But I wouldn't ask my family to do that either, that's just something for tech enthusiasts and people that make their actual living by being reachable through mail (contractors etc)
You can start by using the mail service of the domain provider.
[edit:] On the other hand, if one wants to run his own mail server:
From the last hn discussions about blacklists, I got the impression that [running your own mail server] is not an issue as long as you correctly navigate the anti-spam mechanisms. It's not obvious, but also not a black art.
I would rather be bothered by server security. Since email is so vital, how do you secure your server against recent vulnerabilities if you are offline, e.g. if you are on a vacation.
Sorry, I reshuffled my comment too much. This should have been:
>You can start by using the mail service of the domain provider.
>From the last hn discussions about blacklists, I got the impression that ~this~ [running your own mail server] is not an issue as long as
I absolutely expect my doctor to be able to register his own domain in the same vein that my doctor expects me to not lick Corona infested door handles right now.
Registering a domain is like taking medicine. We expect everybody to be able to do it.
It's the building of domain management infrastructure, the software that sells domains to the users, that is out of reach for the doctor.
Similarly, I expect a barista to register a domain. It's not magic. If he has made his own Amazon, Netflix and Spotify account then he can make one more.
Why do you equate "own domain" with "run your own mail server"? There are reputable mail providers that allow you to use your own domain through their setup, many webhosting places do a decent job of it, ...
Fair enough, but I'd argue being able to move said addresses, without needing cooperation of the mail hoster, at any point is pretty good along the control axis. (Don't forget to have an independent backup of your inbox though if you want to be safe!)
I'm sure money is a real argument for some people, but it's probably also as much an argument to hide for the fact that many (non-Hacker News visitors) don't really have any idea... about how to properly make their online life "redundant", or even the need for it.
They don't have to understand those words. My comment was written for hn, not for them.
Non-technical people still understand accounts: bank accounts, email accounts, netflix accounts, etc.
Those among the technical illiterate, who absolutely have no idea, have gotten their mail account with the help of somebody. Chances are that they are not stupid and understand the concept of accounts by now. If not, they can get a domain account with equal help.
The key concept is ownership. Whoever rents a property understands that he can be evicted. And most people who have bought a house also know that at first the bank owns it and that they could be evicted if they don't come up with their down payments. In other words: almost everybody understands that he can lose something if he doesn't own it.
So it is not a great leap to understand ownership of email addresses. Calling it difficult just allows people to safe face when in fact they just couldn't be bothered.
I wonder if domain email can look pretentious or confusing to non technical people. I own a few domains, including <firstname><lastname>.com and <initial><lastname>.com but I don't work in IT (I'm an accountant), and don't have a business, blog or website. I bought the domains to keep them from bulk squatters.
I set up email with fastmail but I don't use it much. I assume people will look on them as some sort of vanity address.
I probably should migrate my most important logins to my domain email, though.
I can relate. I don't work in IT, and I've been using <firstname><lastname>.com as my main email for years. But in practice I have another email address that I can give around when I feel that using my own domain would look pretentious.
I've pondered buying a domain that's not my name just to make it look like it's a normal email service, so it wouldn't look pretentious. But now it seems to me that a better solution would be to migrate all to Fastmail or Mailbox.org and have an alias ready for that use.
I work in a non-technical field and ask around about this. It definitely looks gaudy and pretentious to some people. You’re not immune to the occasional eyeroll. It concerned me enough to remove it from my resume.
Don't sweat it. Some people will find anything pretentious. I was eating a Shawarma some time ago and a colleague asked me what I was eating. I answered "Shawarma" and this was enough for him to think I was some kind of elitist or whatnot. Bonkers, really.
Because eradicating every last possibility of TOS violations is not what Google's business is about.
These horror stories of banned Google accounts destroy trust. They have lost my company's cloud business for that reason and I'm sure we're not the only ones.
Also, Google's sprawling empire is already in the crosshairs of regulators. Destroying people's livelihoods by applying draconian bans across personal and professional domains doesn't help.
What's weird to me is that they do the exact opposite for SEO spam/scams. They will (maybe) put a penalty on one domain, but they will not touch your other domains. And as soon as you stop doing the spam/scam thing and pinky-promise to not do it again, even the original penalty will be lifted.
> If you’ve done something banworthy on one of their properties you’re obviously not worth keeping around anyway as you’re likely to violate policies elsewhere.
That's a violation of that "assume stupidity instead of malice for as long as possible" rule.
Congratulations on being a better Internet user that the rest of the world! You are clearly very proud.
For the vast majority of people, their SaaS email (in most cases probably a Gmail account) is in fact their primary identity on the Internet, and that's not going to change because they wouldn't even know where to start looking for other options.
Before you say "that's their own fault for not knowing better", I would ask you: did you get your own medical degree so that you can handle all your own medical problems? What about a car? Did you build your own car? Do you have a law degree? Do you grow all your own food? Are you a licensed electrician? How about a food safety engineer? An architect? No? So you rely on established and proven products, systems and service providers for these things? Of course you do, because that's how society works.
Technology folks often forget that we happen to have specialized in a field that is now dominant and pervasive in everyday life, so we "get it" more than most, but that's not the case, sometimes not even an option, for most people..
You seem helpfuless in the era self help. Informationless in the information age.
Did you build your own car? Are you asking us to compare building a car to using a gmail account. The comparison is did you build your own google mail provider. Very few have.
But most of us went to different dealships test drove different cars, looked up tech details and reviews. Reviewed recalls and decided for ourselves.
What kind of special degree do you feel you need to pick a different email provider?
And most people don't uses a sass. I would expect a slightly more tech enabled person to be using a sass (not too many grandmothers or average internet need a sass). Can those people figure out how to signed up without google if they want to? I would hope so. If your sass doesn't offer any other way to sign up it won't be around for too long anyhow.
If you are going to put everything under your google services for your saas pay a few dollars and get a business account if it's important to your business.
> their SaaS email (in most cases probably a Gmail account) is in fact their primary identity on the Internet
In which case they are in luck. There are a multitude of email-providers worldwide, and email is 100% transferable.
Many people for instance use Office 365. A similar SaaS, not Google, allowing you to digitally separate who you are from what you do.
> did you get your own medical degree so that you can handle all your own medical problems?
No. Absolutely not.
Nor did I once sign up for a medical check, pledging that I would for the rest of my life use this one medical facility only.
Do you know anyone who has ever done so? Ofcourse not, because that makes no sense.
And it should similarly make no sense to make such a move in the digital world, maybe there even less.
If you separate email (identity) from what you do (like using Google services), the worst Google can do is ban your ability to do business with Google, not your ability to do business at all.
As a business, why would anyone be stupid enough to take the risk and let Google have that ability?
Edit: As for being the most HN comment ever, how goes conflating email for Gmail and seemingly being unaware of there being other email-providers than Google? I mean, really?
> In which case they are in luck. There are a multitude of email-providers worldwide, and email is 100% transferable.
Really? You think the average person can navigate changing all the services they signed up for with a Google account they've lost access to, and update it to a new account at a new provider?
Having helped a few non-technical but still very smart people do this over the years, I can tell you that for most people this would be way more daunting and painful than you believe.
> If you separate email (identity) from what you do (like using Google services), the worst Google can do is ban your ability to do business with Google, not your ability to do business at all.
You say this so casually, and that's my whole point. Most people wouldn't understand this distinction or even know where to start to actually do this.
You rely on your technical knowledge without even realizing it, to even understand the need or option to do this. Again, most people do not have this level of technical acumen. These are unknown unknowns for them.
I chose cars, health care, food and housing in my examples because they are day-to-day things for everyone that we all take for granted and don't deeply understand, and rely on experts to handle for us, but can't really live without. That's the Internet for most people.
You missed the point by splitting hairs and nit-picking the comparisons.
> As for being the most HN comment ever, how goes conflating email for Gmail and seemingly being unaware of there being other email-providers than Google? I mean, really?
Don’t use Google. Most third party sites that give you an option to use Google, Facebook, etc. also have the option of just creating an account on their site.
As far as email, create a domain name and use your own email address.
Free will is great isn’t it? Everything doesn’t require the nanny state to step in and solve all of your problems.
Optional technologies or services are optional until they aren't.
Dependencies create defacto requirements with the alternative of severe disadvantageous if opting out.
Corporations answer to shareholders, creditors, business partners, and management long before they do individual users. Who, in the case of Google aren't even direct customers (advertisers are). Representative governments answer, however imperfectly, to the governed.
Email self-provisioning has significant hurdles for even technically-competent individuals let alone the general public.
Your suggested alternatives ignore the problem and create more.
Optional technologies or services are optional until they aren't.
So now we are going to go down the whole “Minority Report* rabbithole and make laws just in case? You don’t tie your login infrastructure with Google, you use Oauth 2 and plugin any third party you wish.
Representative governments answer, however imperfectly, to the governed.
How well is that working out in the US between gerrymandering, the electoral vote having an opposite outcome than the popular vote, and how it is almost impossible to get rid of an incumbent?
Email self-provisioning has significant hurdles for even technically-competent individuals let alone the general public.
I didn’t say set up your own email server. I said create your own domain. You can create your own domain with your own email address with a few clicks on Godaddy. If you don’t like GoDaddy, there a dozens on other places that will transfer your MX record to them and you keep your own email address.
Depending on your jurisdiction, there are numerous laws and regulations governing private busines-individual services and relationships, including those concening employment, housing, transport, communications, lending, banking, data services, healthcare, barber and cosmetologist services, food, drink, lodging, gambling, theatre, insurance, brokerage servises, funeral and burial services,and others.
Regulations serve to create a common and uniform floor of service levels.
The problem with a strictly voluntaryist, free-market, laissez-faire approach is that it tends strongly to a Gresham's law "bad terms drive out good" race-to-the-bottm dynamic, particularly unfortunate when there is but one monopoly provider on the market.
This occurs well before reaching the far end of the slippery slope on which you seem to be perched.
Several of my earlier comments have been badly misapprehended, I'll not belabour them though I'll note the fact.
Gresham's law doesn't work in strictly free market economy. By definition, debased coins will drive out regular coins only if you force the acceptance of both coins at face value. It only works under legal tender laws.
If people read the conditions of the free google account they realize that the service can be terminated at any time for any reason without warning, and there's absolutely nothing there about any corrective mechanisms.
Contrast this with terms of [especially national] domain name ownership.
Anyway, given the number of people who will give their data to such a service under such conditions, you may well be right that some regulation would be useful, especially around getting your data out in some short time period after account termination. (But only to holders of the valid authentication credentials.) Forced email address portability would be also nice (provider would have to forward incomming emails for a reasonable fee or for free), for some limited time, maybe a year.
You're not thinking of the typical consumer, who won't have a clue about why using a proprietary service could be bad until the shit hits the fan.
It's all well and good for you - someone who's aware of the risks and issues - to say "just don't use Google/Facebook", but laws would protect the average person who just wants the quickest/easiest way to get an email account or to sign in to websites.
Also even if consumers were all highly educated in the pitfalls of Google etc., major websites still force you to use Google technologies whether you like it or not. Google Recaptcha is everywhere; eBay forces you to use it to sign in to your account. Are people now supposed "just don't use eBay" now as well?
So now we need laws instead of education? Are you also okay with Apple’s “walled garden” because it protects people?
Yes, if you don’t like the tradeoffs that eBay gives you - don’t use EBay. You can use Amazon, Facebook marketplace, Craigslist, etc. to sell and buy stuff.
I’m sure it would be much more efficient if we passed laws stripping everyone’s freedom of choice and entrust the government with enforcing “The One True Way”. What next? Have a centralized authority to guide the economy using “Five Year Plans”?
Yeah that was snarky. But are you actually saying there is no alternative in your country besides Google? Yes you can get to google.com from almost anywhere in the world. That’s kind of how the internet works.
You can also get to another website just as easily.
You have to remember: politicians are the geezers that gave Zucc softball questions on FB violates their users (0), wanted to ask Bill Gates how to lock down our internet (1), nevermind the countless nanny state bills they have proposed over the years to censor the entire internet like they do for their grandkids. Please don't ever, ever forget that these people have not a clue how any of this works and will take an axe to the security and open-ness of our beloved series of tubes.
1. The average tenure of Senator or Representative in the US is steadily increasing.
(https://www.termlimits.com/new-research-congressional-tenure...) and because of how much money it takes to win an election, it’s really hard to get rid of a member of Congress.
2. Because of how both the Electoral College was designed and the design of the Senate with 2 senators per state regardless of population, if you live in a more populous state, you have less voting power.
3. The more tenured Senators have more power and they have the power to block legislation. The people of the state where the leaders live are the only ones that can oust the Senate leaders.
4. Most rules aren’t done by legislators they are done by committees led by Presidential appointees who are approved by the Senate - again appointments can be blocked by the leaders of the Senate. Many of their policies are approved and struck down by unelected judges.
5. Then there is always gerrymandering.
6. You really don’t believe politicians - many of whom basically did insider trading pre-Covid - are greedy rich people? The President himself is a billionaire.
“I trust elected politicians, controlled by checks and balances, more than unelected greedy billionaires only supervised by themselves.”
So the alternative between trusting greedy rich people who both don’t have the power of the state, and I can choose to use alternatives, is to trust greedy rich people with the power of the state - most of which I have no power to get rid of because a) they aren’t in my district, b) the alternatives don’t have the money to get elected, and c) get elected by the flyover states because they have two senators just like the more populous states
I agree, but come on. Let's be honest about the scope and magnitude of this bucket. I have a business that relies on a Chrome extension to be on their web store.
Say I accidentally trip off something in their opaque machine learning algorithm that determines my extension (or even a YouTube comment!) breaks their terms of service. They would have the right to completely block my account and remove the extension. Effectively, wiping out how I make a living with a single automated bit flip.
It hasn't happened to me, but the people that share horror stories of how it happened to them scares the $#!7 out of me.
As the Internet gets more privatized and less "open", I just wish there was something that required a fair "trial" of my account being suspended. The balance of power online is slowly shifting and I feel there needs to be something protecting the rights of individuals (the public) online.
If you spend some time on the other side of it, it'll make more sense. I've done anti-abuse work before and you would not believe the number of people who due to greed, malice, or some sort of perverse glee will spend massive amounts of time working to abuse your service.
Especially when that service is free and effectively anonymous, it's just not possible to give each case a full and fair hearing. You know that you'll get false negatives and false positives. You can try to minimize them, but actual justice is expensive. Too expensive to pay for with ad sales, that's for sure.
That screenshot of Google saying that in a short amount of time they’d be deleting all your data, plus the email where their “ban review” system just rejected them and said any further replies would be ignored, are really really worrisome and highlight to me the critical importance of minimizing my reliance on Google services (as much as possible).
They mean that in case they would lose their Google account, they'd try to get the story of losing it on the HN front page so that someone from Google sees it.
> One of my other Google accounts actually have been inactive for so long that Google doesn’t trust me when I enter the password and there’s no way to recover.
"There is one more option for super paranoid people. Backup all your data."
I would argue that this should apply to everyone, not just the paranoid! The fact that most companies make this easier nowadays, like the linked Google Takeout, is actually a real, useful improvement.
If you backup regularly, you should also restore to test it works properly, and the reality is there is no decent way to restore a google takeout archive to another google account, or any competing service. The closest you'll find is a hodgepodge of scripts to incompletely restore some data...
It feels weird to see this called super paranoid, I've been backing up my data ever since my first PC went belly up on me. Didn't have much on it but lost some photos, so now I keep everything backed up and still break out into a sweat the moment my laptop starts making any unusual noise.
Technology isn't perfect so a backup is a must for anything of value: whether financial or sentimental. For a good example of why backups matter, look at the history of Doctor Who. They didn't leave any backups of parts of the original show because they figured those were pointless, re-recording on the physical copies instead. Now the old episodes of the show are being searched for across the Globe, I believe some were even found at some man's home in Brazil. Backups and archiving stuff is essential.
Their account recovery (which only needs answers to one or two of their questions, not all) seems to be used for account highjacking. I lost one that way, and searching around I found many people with a similar story.
If they just stuck to requiring a very strong password and not letting anyone in without it, no exceptions, no ifs, no buts, I would still have that account.
Fortunately it was an old account I wasn't using anymore.
Just use one Google account per Google service, it's the safest way haha.
The problem this article touches on is huge, because everybody who has a computer is affected and almost nobody takes the necessary precautions. Especially non-technical computer users can easily lose years worth of important data.
I've tried to set up contingency plans for the cases that I lose access to my:
- phone (which contains Google Authenticator with plenty of important logins; unfortunately some of my 2FA is still based on SMS)
- my laptop
- my Yubikey
- my wallet (with ids and a credit card)
due to theft, damage (house burns down) or simply loss.
Another under-appreciated risk: losing my memory (my master passwords are only in my mind - what happens if suffer a head injury and forget?)
Redundancy is one countermeasure: Have more than one bank account + stock portfolio, more than one credit card (servers might go down if a credit card is blocked) and physical devices (phone, laptop) in store to stay operational in case of an emergency.
Full machine backups + regular uploads "to the cloud" for raw data; occasional transfers to (multiple) external hard drives.
I don't think there is a way around a safe physical space with printed backup codes on it. Ideally not in the same house - maybe with a bank?
A list of instructions for numbers to call for account recovery or blocking. Which information will I have to provide?
In a similar vein: what happens to my data after I die? How would my (non-technical) family be able to access my pictures and writings? A digital inheritance would be prevented in my security set if I don't prepare.
This space is fascinating to explore, the zeros and ones people have stored on their devices are incredibly valuable to them and this treasure is poorly protected. Generally speaking: No backups, weak passwords, outdated software, old hard drives ... risks abound
Google surely has very capable security people, but right now my account there is the central vector of attack, most of my passwords can be reset through my email, a huge portion of my communication runs through Gmail, Whatsapp is backed up to my Drive, most of my pictures are on Google. It's probably a good idea to disentangle the situation a bit to be prepared for the case that Google's fortress gets breached one day.
Without compromising your security - I'd love to know how others approach their personal IT security challenges?
and closely related: the "digital graveyard", there's this Wired article of a guy who recorded his father and trained a voice model on his written communication [0]. A place to go if we want to be reminded of the voice, handwriting, face or attitude of a loved one. Faraway stone plates on crowded graveyards don't seem appealing to me in a world where families are often dispersed over the globe.
> losing my memory (my master passwords are only in my mind - what happens if suffer a head injury and forget?)
Not just a head injury, this can easily happen if you find your keychain 10 or 20 years later. I don't think that there is a good solution to it. Maybe biometric data, but then again, I want to have a control over when my data is accessed and in many countries it's legal for law enforcement to make you use your finger or face..
Physical safes don't lock things the way cryptography does. You can always get in, especially if you're the legitimate owner because that way you don't need to worry about doing it in secret and not making a lot of noise.
> Without compromising your security - I'd love to know how others approach their personal IT security challenges?
Most of my security is based on OpenPGP keys stored on a Yubikey. In case the first one is broken/lost I've got another one. If both are lost there is a master copy on an offline computer that can be used to provision more Yubikeys.
The key unlocks access to passwords stored in pass. Because pass is based on git and gpg can be used to access SSH then the same yubikey is used to pull/push changes to pass and read encrypted passwords. On both the laptop and the phone (Password Store).
Data on the computer is LUKS-encrypted, unlocked by the Yubikey. Full backup of my laptop's SSD is done via btrfs send/receive to a raid1 array of 3 disks (raid1c3) on a regular intervals. A small subset if very important data (documents) is also backed up via restic to S3 and Backblaze.
I try to "backup" as much of my work as possible by releasing it as open-source (where it's preserved by the Github etc.) or publishing it on a web-site (where it's preserved by archive.org).
> In a similar vein: what happens to my data after I die? How would my (non-technical) family be able to access my pictures and writings? A digital inheritance would be prevented in my security set if I don't prepare.
I've been thinking about this lately and maybe it's not a popular opinion but... would people really need your data when you die? I get access to photos (my SO has the PIN code) but everything else? Maybe this is just digital junk? Who would enjoy browsing terabytes of my data looking for... what exactly?
This sounds like my dream setup. Have you written about it somewhere in more detail or could you recommend some resources that you've used for implementing the solution?
> Most of my security is based on OpenPGP keys stored on a Yubikey. In case the first one is broken/lost I've got another one. If both are lost there is a master copy on an offline computer that can be used to provision more Yubikeys.
Sounds like a good start, I'm going to have to do much more reading on this, I use my YubiKey just as a browser 2nd factor for a few 2FA apps.
In general I'm not sure how the YubiKey stores keys and till now I had no idea you can backup YubiKey
> The key unlocks access to passwords stored in pass. Because pass is based on git and gpg can be used to access SSH then the same yubikey is used to pull/push changes to pass and read encrypted passwords. On both the laptop and the phone (Password Store).
I'm not sure about storing the master keychein file in Git, but the workflow sounds interesting (I didn't fully understand the paragraph though).
> Data on the computer is LUKS-encrypted, unlocked by the Yubikey. Full backup of my laptop's SSD is done via btrfs send/receive to a raid1 array of 3 disks (raid1c3) on a regular intervals. A small subset if very important data (documents) is also backed up via restic to S3 and Backblaze.
This is next level and not of immediate interest to me. I was looking at something simpler like: https://cryptomator.org/
> In general I'm not sure how the YubiKey stores keys and till now I had no idea you can backup YubiKey
Well, actually you can't. You can backup keys if you create them in software and then just copy then to YubiKeys instead of moving them there. If you do that in an offline computer there is no risk of any malware stealing your keys in mid-process: https://news.ycombinator.com/item?id=21701488
Setting up Yubikey and OpenPGP took me some time reading all resources on the net but once done this is just working without any hiccups.
> I'm not sure about storing the master keychein file in Git, but the workflow sounds interesting (I didn't fully understand the paragraph though).
If it's encrypted there is no much harm to be done here. The only leaking info is that by default pass uses filenames based on domain names so if you have credentials for news.ycombinator.com they'd be in "news.ycombinator.com.gpg" file. For me a private repo for this use case is OK.
> This is next level and not of immediate interest to me. I was looking at something simpler like: https://cryptomator.org/
Yep, I do store external disk passwords in pass too. Udiskie can use a decryption command so when I put something like this in the config: `password_prompt: ["pass", "devices/{id_uuid}"]` it will grab the password from password store. This has an added benefit that I won't forget the password (it's stored alongside all others) and it's always valid (it's checked on each boot by udiskie).
I wonder if you push your Password Store to GitHub? Its encryption is based on RSA with around 128 bits of security with current keys. It's unclear if it's going to stand beyond 2 decades.
I might be paranoid but with clouds I would be more comfortable with AES-256. If RSA is a must, maybe RSA 7680.
For the record there are quite a few new algos in GPG, most notably ed25519. While RSA 7680 offers 192 bits of security [0] ed25519 on the other hand is offering 128 bits of security. GnuPG 2.3 will have ed448/goldilocks available [2] and that should offer 224 bits of security [3] so in theory it should be better than RSA 7680.
I don't mind putting my encrypted passwords in a private GitHub repo but I understand the concern.
Start by not using Google Authenticator. It's outdated and has security vulnerabilities allowing malicious apps to extract your code. And it's impossible to backup without a rooted device. Anything that supports "Google Authenticator" really means any TOTP app is supprted, so for example andOTP on Android may be a good choice. Or you can use Authy or 1Password if you trust them.
Phone broke and I must have typo while doing a regular password change - now I have no way to again log into my account as i can't provide the 2FA and none of the other options work (providing old contact emails, phone code, backup email, ... All doesn't matter just because I don't have the authenticator).
I would first write down the master passwords, and store them somewhere safe.
It does not have to be fort knox safe, enough if stored at a trusted place which has no direct relation with you (in my case it is my best friend I trust with my life)
something like aegis is much better than googles authenticator. you can backup your keys and store them somewhere secure (veracrypt or whatever) and it also lets you choose a custom icons which makes it a bit easier to see what is what at a glance
What's the point of removing old addresses? I mean I'm all for privacy, but forward all your old accounts to one funnel account and ensure you never lose that data.
Not keeeping your account is a security hazard.
If someone else would be able to use it, he now has access to some password resets. Or just call a support agent to restore the old email address.
Not on Gmail, but there certainly are email providers that allow a username to be recycled after a certain period of time. Notable example is Yahoo, which recycles usernames that haven't been active for a year: https://yahoo.tumblr.com/post/52805929240/yournameyahoocom-c...
Google does not allow anyone else to register the name ever again, so there's no risk of identity theft. The main reason is to remove cruft I don't need or use.
That is good to know, thanks. Someone in Google gave me an invite three years before GMail was formally released publicly, so I have my name. There might be a point when I cancel my account and it would be great to be protected from someone claiming my old email address.
I like paid for Google services like GCP, Play movies and books, etc., but I want my online identity and all communications to be through my domain.
Apart from email, which can be hosted in a myriad of places, I tend to use etherpad/calc and nextcloud. I guess I was not a heavy user of Googles services for quite some time.
> One of my other Google accounts actually have been inactive for so long that Google doesn’t trust me when I enter the password and there’s no way to recover.
This is problematic if a system relies on your using it enough to be a proof of authentication.
Serious question: how? I had been a google avoider for years already when I upgraded to a smartphone, and a mandatory part of the setup was creating an @gmail for it, that I couldn't steer around or find an alternative to. I only use that account to "forward stuff to my phone" but I did still need to create it, afaik.
At least a while ago you could skip setting up an account. But that means you need to use an alternate app store.
Or you get a device that is supported by lineage. Then you're even freed from all the Google related services that would otherwise still run in the background and do who knows what. You'd still need an alternate way of getting apps, and even if you sideload them, some might not work since they rely on Google play services.
Or you get a Chinese phone, since Google is banned there they all have alternate app stores, plus a crap load of shovelware that spams your notifications with ads and you share all your personal data with a different government agency than you would with the Google variant.
I think you can create an account without using Gmail as the email. For example, you could create a Google Account with joe.smith@outlook.com if you wanted to. At least, that was possible some years ago.
There are great phones being sold right now which run Android and which have zero Google integration whatsoever. The parent post was implying that it's literally impossible to use an Android phone without a Google account, which is straight up not true. What's so strange about that?
For example the latest Huawei phones - the P40 Pro has an insane spec, fantastic camera, latest Android.....and no Google integration at all. Whether that's good or bad you have to decide for yourself, but it's not just some cheap knock-off garbage phones.
Google can at any time decide to require you to provide additional authentication. What year and month did you create your account? What previous addresses have you logged with google. There are about a dozen prompts to prove yourself to them.
Finally, spinning busy icon and... red text says you are denied. You are properly screwed.
A funny one: I am locked out of a former Gmail that forwards every email to my currently active address. This "forward everything" is not throughout IMAP/Pop but some Gmail feature.
One day I couldn't login anymore to the old account (maybe I typed the wrong password 3 times or maybe it was deemed inactive because I would never login?)
I try the recovery process once in a while with everything (code by SMS, code by recovery email, etc). Never works.
But I still receive every email sent to that account through the "forward everything" setup from XX years ago.
The same thing happened to me, I happened to notice and set up the forwarding the day I lost access to the account. I feel pretty lucky for that, it made leaving much easier.
I wouldn't be surprised if forwarding is a "This account is compromised" indicator and is unintentionally short circuiting and causing accounts to be locked out.
That makes sense in my scenario... im in this scenario, but if true, that just means the owner loses the account and the alleged infiltrator(s) keep the forwarding.
Thanks for that anecdote. I was planning on using the lockdown home office situation to finally buy some domain and set up my own email server.
I wasn't sure whether I should set up forwarding on my Gmail account or have the server fetch mail from it regularly. Was leaning towards the second option but I think now it's settled which option to choose.
Edit: Ok there's one more stupid scenario. Let's assume I do lose access to the Gmail account but forwarding still works. Now I'm in an accident and stay at a hospital and totally forget to pay the renewal fee for my domain. Boom, some domain squatter gets all my mails. Actually, that would even apply without Gmail in the mix. Sure I'd set up automatic payment for renewal but still, can I be a little paranoid here? ;-)
If your payment method can be auto charged each year, and is paid for out of something like investment income, your domain is essentially perpetual (I do this).
You can even automate that, for up to 100 total years of domain ownership, if you are willing to deal with Network Solutions.
They offer terms of 20 years and 100 years, which are longer than the standard maximum 10 years. The way it is implemented is that they register the domain for you for the maximum allowed time (10 years for most TLDs), and then each year the extend it by a year keeping the expiration as far out as allowed for that TLD.
I looked at this a while ago, when contemplating moving my domain in .net from there to Namecheap (where I already had a .us domain), because they gave a big enough discount on 100 years that it brought the price per year to $9.99, which is pretty good for a .net.
Then I realized that even if I lived long enough to become the oldest living human I'd still only get about halfway through the 100 years making the cost per year effectively $20, which is a crappy price for .net.
Now it is even worse. They have doubled the price for 100 years, making it a crappy deal. Even if annual .net renewal went up 10% a year, it would take 29 years before you would have been better off going with 100 year NS over year to year Namecheap. (They NS 20 year plan would be better off after 16 years).
At 5% annual increase, NS 20 is about the same cost as Namecheap, and NS 100 beats Namecheap after 44 years.
(This is all assuming that in the Namecheap case the money that would have been spent upgrade on NS 20 or NS 100 is just sitting around. If you assume it is invested in some safe long term investment, NS 100 and to a lesser extent NS 20 makes even less sense. Also there is the risk that at some point NS will no longer be around and their demise happens in a way that kills these long term registration programs).
"Thanks for that anecdote. I was planning on using the lockdown home office situation to finally buy some domain and set up my own email server."
Don't do this. Buy an email with a domain that offers email. e.g. gandi.net or infomaniak.com
They do have phone numbers if things go wrong. Hosting your email is easy. Having you emails delivered and not blocked is an art.
Ha I'm in the same boat as well. Locked out of my first ever Gmail account and thank the stars that I had this forward everything set up.
Every few months, I try the recovery process again to no avail. "Sign-in with Google" is very convenient so it'll be a pain to move to proton + outlook but c'est la vie
Are you me? I also don't have access to my first Google account but it forwards all of its emails to my current one.
I can confirm it works as well since someone sometimes fat fingers whatever email address they use for car repair and I get the invoice for it due to Google not respecting the dots in the email address.
My master plan is to get hired at gmail just so I can click the admin reset password button and get access to that account directly so I can finally see the very first emails I ever received.
Similar thing happened to me. Lost access to a perfectly set-up forwarding account. The account recovery process is impossible because I nolonger have the same phone number from 10 years ago.
Hey me too! Changed my phone number like 12-14 years ago so can no longer access the account.
And same as everyone else, already had forwarding in place so it's just kind of... there in an uncomfortable limbo. I don't really use it for much so it's not a big loss but it would be nice to resolve one way or another.
I stopped using "Sign in with Google" about a year ago and moved to storing all my passwords in my Firefox account and in Bitwarden (and sometimes in iCloud for good measure).
I never use Google to login anywhere anymore. I create an email and an (autogenerated secure) password everywhere. If they don't see fit to support this, they don't get my business.
Then I just let Bitwarden/Firefox take care of everything. Logins, etc. I have 500? passwords stored. Don't know any of them. I prefer it this way.
NB forwarding does NOT include "spam" email... i have all my Gmail accounts funnel into one and i check the spam buckets of all, every 4 weeks (otherwise Google turfs em). i usually find a few (rather important) false positives in that monthly sweep.
Further note that gMail filters at every step, eg this includes a downstream "archive" account. So there are false positives coming from a "known" [single source] good account and of already vetted emails...
i do wish there was a way to forward everything ... where everything meant everything ... filtering optional.
You can do this by setting up a filter that matches all messages that don’t contain something like “thisrandomstringwillneveroccurinthewild”. You can have the filter forward the message AND day “never send to spam”.
I've got an old gmail address with pop3 enabled that my main gmail account pulls emails out of. Hadn't logged into the old address in a couple years because everything was working. One day I decided to rotate all of my passwords, got to that old gmail account and it refused to let me log in and wouldn't say why.
"No big deal" I thought, I use a password manager, have all historical passwords, have the 2fa device, same phone number, same address, I have access to the recovery email address, and pop3 still works so I know I have the current credentials. I'll just reset the password.
Nope, wrong. Even though I have every possible form of identification the account will not let me log in via the web interface and will not let me reset the password. I get stuck in a loop that eventually ends with "Thanks for verifying your email. Google couldn't verify that example@gmail.com belongs to you."
The pop3 functionality still works, but the password can never be reset and the web interface can never be logged into. I suppose this will continue until the day google decides to ax pop3 and imap, no doubt accompanied by a blog post with comments disabled explaining it's for our own good, at which point that address will be lost to the sands of time.
This also happened to me. I have a second email address I set up and set all forwarding to another Gmail. I've lost the password to the second account, but still receive all of the messages. it's not that I need to get into the account or use that email address. mostly I just want to make sure it's secure and nobody else can get into it.
Who knows... maybe someone else recovered it that he's using it as their primary address and I'm just getting copies of all their messages?
This happened to me. I managed to log in to my childhood Email account (or rather, have it recreated since my dad owned the domain) and open the link from a password recovery email and google still refused to let me in even though I had been logged in on the same computer just minutes ago.
So because their authentication used some stupid heuristic combined with the “no reusing old passwords” thing I was forcibly deplatformed. I’m not making another account, I already wasn’t happy with google and that was enough to make me give them up.
You can self-host. Don't use cheap VPS providers, spammers like cheap VPS too. I can't give US specific advice, but in EU business Internet connection with static IP is good enough. If your finances allow, reputable colocation provider is good way to go. Now you can make your own little digital home; file storage, mail, homepage and so on.
That is worked for me over 15 years, over 5 ISP-s.
Additional bonus: instead well known "+" trick in gmail address you can make real throwaway addresses.
+1 for self-hosting. Doing that for nearly 10 years now, by far the most difficult part is setting up a mail server, but after that you can put on your resume that you know how to configure Postfix (which I am quite certain is one of the most difficult Linux server applications to configure). Backups, webmail, file storage, calendar etc. are quite easy to set up.
Postfix has flexible configuration system with many knobs. I would say though, that official documentation is nice and detailed. Last time I checked Debian defaults looked pretty good, so you don't need fiddle too much to get reasonably useful and secure setup.
Unfortunately, this may not be enough. I used to self-host, and ended up moving to Fastmail because of deliverability problems to GMail. This was on a physical server hosted at a reputable colo in San Jose. Nobody could ever figure out why I'd often end up in the Spam folder. Not the HN commentariat, not even my SRE friends at Google.
Honestly, it's a huge relief. Self-hosting has gotten much more complicated over the years. It's very nice to know that there's a round-the-clock staff of professionals taking care of security, deliverability, and fighting spam. And software upgrades, of course!
So, You point out that gmail was opaque and unpredictable in thread about google being dangerous? Seems fitting.
Sadly, that is on google, you aren't really safe anywhere, if gmail is involved. You think that using big provider protects you, but in reality some people are complaining about spam marking issues even gmail to gmail communication.
> Nobody could ever figure out why I'd often end up in the Spam folder. Not the HN commentariat, not even my SRE friends at Google.
I had this exact same problem 3ish years ago and bailed out to Fastmail for the same reason. The thing that made me throw in the towel completely was what I found out from someone who looked into it for me after I shook the tree of my professional and social contacts. This person was involved in Gmail but not directly in anti-spam, but told me that my domain had "limited reputation."
That domain, which predates the existence of Google by at least a year, had been hosted on the same IP address (IPv4 and IPv6) for almost a decade, with the same MX, A, and PTR records for the entire time. Nothing at all changed about how that domain was configured. Yet it was intermittently being flagged as "limited reputation" and either dumped in the spam folder or simply accepted for delivery and silently dropped.
I took that domain and moved it to Fastmail 3 years and 3 months ago--I know the exact date because I paid for three years of e-mail service at the time and recently renewed it--and haven't had a problem since because, unlike my single-server operation that used to be considered an equal peer on the Internet but not any more, Fastmail has enough pull and reputation to not have messages from its subscribers blocked by other e-mail hosts.
That makes total sense to me, and my situation was similar. I have often suspected that the problem was just that my mail volume was too low. Which totally fits with my impression of Google as being entirely ok with bad outcome for individuals as long as the percentage is low enough: https://news.ycombinator.com/item?id=23059071
It is notoriously impossible to host your own email. Large email providers have created an oligopoly of email "quality" acceptance, and there's effectively no way to get your deliverability to a reasonable rate unless you use one of them.
I don't think it's necessarily malicious in nature - more the product of spam filtering.
I wonder if email authentication methods like DKIM/SPF/etc.. help this problem these days.
I saw migadu in a recent thread on HN and am now a paying customer. But even the free tier is impressive (unlimited domains!) and support is human & very quick so it won't delete your account for non-payment (looking at you mailbox.org)
It's been few years. I am on Mailbox's 12 Euro/year plan which has "forum" only support (I am not sure it changed after I became a customer). My emails suddenly stopped working once and I received email response after a week (which just had an irrelevant link). I had reset the mail setup by then after backing up email from local client. I replied to the email asking what went wrong and never received a reply. They seem very aloof and high-handed about customer support if I may say so.
I am looking at moving my mail provider. I have stopped using @mailbox.org mail for online a/c signups etc (which I did a lot earlier) and have started removing it from wherever it is used already.
Is Migadu stable and been around? How's their service and privacy track record? Did you evaluate any other provider in Euro 12-20/year budget range? My email usage is extremely low volume.
Migadu fan here. They recently overhauled their admin interface and have updated the SPF/DKIM setup. Its $4/month and certainly good. They’re based in Swiss so GDPR compliant. Data stored in France though in a ISO/IEC 27001 compliant datacenter.
Their privacy policy is well written (I have read 100s if not thousands of them in grad school, I can tell you they’re not vague)
Support is human!!! It’s really good to know there’s a human on the other side.
504 comments
[ 2.4 ms ] story [ 795 ms ] threadGiving the drive to friends or family isn't viable either because I need to encrypt the data and need to store the keys somewhere. So the cloud, i.e. AWS, Azure, Backblaze, etc. is actually a pretty good place.
> Giving the drive to friends or family isn't viable either because I need to encrypt the data and need to store the keys somewhere.
? You don't need to store the keys anywhere, just a password. And even if you can't remember passwords, the threat model "friends and family" allows for easy passphrases or even sticky notes with password hints.
Of course a successful backup needs to be at least "3-2-1". Not "1" (Google Drive).
They share data with me and my computer holds it safely for them even though I can't read it myself, and vice versa.
their house burns down or is flooded? They have their data ready to download from my machine. Same for me. No cloud provider necessary.
I want more redundancy? Add more encrypted devices somewhere else, whether it be the family member living out west, the former coworker living in Japan, or the vps I bought for $5 on sale one day.
Thankfully I rejected the opportunity to "date" Google when all my friends were jumping on that train many many years ago :)
[0] https://takeout.google.com/
That's what I did for Drive, Photos and Gmail. I setup cron jobs to automatically pull everything from there and save it locally.
Should I even bother to keep reading?
I only remember one password, and that's the password to my password manager. The rest are arbitrary random strings. Always use MFA. I employ efforts to make it difficult for an attacker to port my phone number, too.
At this point in the maturity of the internet these measures should be a no brainer, but it's a good reminder of how far we have to go.
[1] https://blog.viktomas.com/posts/security-is-like-ogres/
Hm. That probably means I have lost my Google account. The last time I logged in was in 2013.
Check your password here: https://haveibeenpwned.com/Passwords
For very old accounts, they'll normally force you to add a phone number or recovery email address though.
Writee is obviously NOT in Europe, where even to get a prepaid you need ID/passport. That way you can keep the same number forever (if you abide to the "add funds even X months). I have phone numbers in 4 countries (that I tend to visit 'often' and all I need to do is add €$£10 every six months to keep them alive.
So one solution for that is to go to that ISP of yours and ask them to bind your number with your ID. And if you lose the SIM one way or another, you show up with your ID/passport and in 10mins you walk out with the same number.
Doesn't that cause the opposite problem - for example, someone with access to your prepaid account could change that data and go clone your SIM?
Also, for anyone thinking about giving up gmail: check out fastmail. I never regretted switching my email over to them.
I’ve idiotically done this for a bunch of major services, including freaking medium.com, among many others. Can’t believe I’ve been so careless. Now I worry and wonder how hard it will be get back to regular email & password.
Customers seem, if anything, more angry about that though...
I had myself an account banned and I can assure you it's really totally random.
Considering how vital ones email account is today, it's time for laws that prevent providers from pulling stunts like this on your mail account, no matter whether it's free tier or not.
So, under a GDPR reasoning https://gdpr-info.eu/art-15-gdpr/ do you have a right to a copy of your emails even if they have blocked your account? Unless they have deleted all your data I think it would be a yes.
The question is if they have to give you your emails if they still have them. I think it would be decided they would have to. It might be worth getting ready to be blocked, get blocked, and then demand the data to set the precedent actually. But I am lazy; the virtue of a programmer, the vice of a concerned citizenry.
Anybody can buy a domain for the price of two coffees and have full control over their email addresses. There is no excuse for being locked in by google. Even if somebody wants to use google's UI, the emails can be forwarded to google, and at the same time backed up somewhere else in case google shuts down the account.
If you consider how vital one's email account is today, it's time to put down some money.
*edit: Buying a domain often comes with an email service. There is no need to run a mailserver.
Not everyone can run an their own email server.
Having a domain and email address is as easy as: Buy the domain, log into the domain account, create an email address, done.
At that moment, you have an email address with a web UI to which you can log in as easy as to any other email provider.
But I do also understand the demographics of this site and why some people here would find that unpalatable.
the only control you have if you go the "own mail server" route is the control on your tears when you see that your mails are rejected by every other mail server in existence because you made it in some random blacklist
And if you're using your own domain, you're always able to switch providers by updating your mx records.
But I wouldn't ask my family to do that either, that's just something for tech enthusiasts and people that make their actual living by being reachable through mail (contractors etc)
[edit:] On the other hand, if one wants to run his own mail server:
From the last hn discussions about blacklists, I got the impression that [running your own mail server] is not an issue as long as you correctly navigate the anti-spam mechanisms. It's not obvious, but also not a black art.
I would rather be bothered by server security. Since email is so vital, how do you secure your server against recent vulnerabilities if you are offline, e.g. if you are on a vacation.
Similar argument: "Why do we even have doctors? Anyone can buy a medical textbook."
>You can start by using the mail service of the domain provider.
>From the last hn discussions about blacklists, I got the impression that ~this~ [running your own mail server] is not an issue as long as
I absolutely expect my doctor to be able to register his own domain in the same vein that my doctor expects me to not lick Corona infested door handles right now.
Registering a domain is like taking medicine. We expect everybody to be able to do it.
It's the building of domain management infrastructure, the software that sells domains to the users, that is out of reach for the doctor.
Similarly, I expect a barista to register a domain. It's not magic. If he has made his own Amazon, Netflix and Spotify account then he can make one more.
"provider", "lock-in", "domain", "UI", "mail server", "email service"
They have no idea that what you mention is even possible, let alone how to do it.
And you know because you've probably invested tens to hundreds of hours into figuring out these things.
Non-technical people still understand accounts: bank accounts, email accounts, netflix accounts, etc.
Those among the technical illiterate, who absolutely have no idea, have gotten their mail account with the help of somebody. Chances are that they are not stupid and understand the concept of accounts by now. If not, they can get a domain account with equal help.
The key concept is ownership. Whoever rents a property understands that he can be evicted. And most people who have bought a house also know that at first the bank owns it and that they could be evicted if they don't come up with their down payments. In other words: almost everybody understands that he can lose something if he doesn't own it.
So it is not a great leap to understand ownership of email addresses. Calling it difficult just allows people to safe face when in fact they just couldn't be bothered.
And non technical lawmakers are able to write effective laws?
I set up email with fastmail but I don't use it much. I assume people will look on them as some sort of vanity address.
I probably should migrate my most important logins to my domain email, though.
No.
> or confusing
Occasionally, with customer service phone reps. It's a good filter to identify people who are too low IQ to trust in general, so it's a great signal
I've pondered buying a domain that's not my name just to make it look like it's a normal email service, so it wouldn't look pretentious. But now it seems to me that a better solution would be to migrate all to Fastmail or Mailbox.org and have an alias ready for that use.
These horror stories of banned Google accounts destroy trust. They have lost my company's cloud business for that reason and I'm sure we're not the only ones.
Also, Google's sprawling empire is already in the crosshairs of regulators. Destroying people's livelihoods by applying draconian bans across personal and professional domains doesn't help.
That's a violation of that "assume stupidity instead of malice for as long as possible" rule.
Congratulations on being a better Internet user that the rest of the world! You are clearly very proud.
For the vast majority of people, their SaaS email (in most cases probably a Gmail account) is in fact their primary identity on the Internet, and that's not going to change because they wouldn't even know where to start looking for other options.
Before you say "that's their own fault for not knowing better", I would ask you: did you get your own medical degree so that you can handle all your own medical problems? What about a car? Did you build your own car? Do you have a law degree? Do you grow all your own food? Are you a licensed electrician? How about a food safety engineer? An architect? No? So you rely on established and proven products, systems and service providers for these things? Of course you do, because that's how society works.
Technology folks often forget that we happen to have specialized in a field that is now dominant and pervasive in everyday life, so we "get it" more than most, but that's not the case, sometimes not even an option, for most people..
Businesses should absolutely have the right to not let you use their services for any arbitrary reason! It's a free market! Sucks to be you!
</ sarcasm> [Offer valid until the same thing happens to me, then I can scream and cry about it]
Did you build your own car? Are you asking us to compare building a car to using a gmail account. The comparison is did you build your own google mail provider. Very few have.
But most of us went to different dealships test drove different cars, looked up tech details and reviews. Reviewed recalls and decided for ourselves.
What kind of special degree do you feel you need to pick a different email provider?
And most people don't uses a sass. I would expect a slightly more tech enabled person to be using a sass (not too many grandmothers or average internet need a sass). Can those people figure out how to signed up without google if they want to? I would hope so. If your sass doesn't offer any other way to sign up it won't be around for too long anyhow.
If you are going to put everything under your google services for your saas pay a few dollars and get a business account if it's important to your business.
In which case they are in luck. There are a multitude of email-providers worldwide, and email is 100% transferable.
Many people for instance use Office 365. A similar SaaS, not Google, allowing you to digitally separate who you are from what you do.
> did you get your own medical degree so that you can handle all your own medical problems?
No. Absolutely not.
Nor did I once sign up for a medical check, pledging that I would for the rest of my life use this one medical facility only.
Do you know anyone who has ever done so? Ofcourse not, because that makes no sense.
And it should similarly make no sense to make such a move in the digital world, maybe there even less.
If you separate email (identity) from what you do (like using Google services), the worst Google can do is ban your ability to do business with Google, not your ability to do business at all.
As a business, why would anyone be stupid enough to take the risk and let Google have that ability?
Edit: As for being the most HN comment ever, how goes conflating email for Gmail and seemingly being unaware of there being other email-providers than Google? I mean, really?
Really? You think the average person can navigate changing all the services they signed up for with a Google account they've lost access to, and update it to a new account at a new provider?
Having helped a few non-technical but still very smart people do this over the years, I can tell you that for most people this would be way more daunting and painful than you believe.
> If you separate email (identity) from what you do (like using Google services), the worst Google can do is ban your ability to do business with Google, not your ability to do business at all.
You say this so casually, and that's my whole point. Most people wouldn't understand this distinction or even know where to start to actually do this.
You rely on your technical knowledge without even realizing it, to even understand the need or option to do this. Again, most people do not have this level of technical acumen. These are unknown unknowns for them.
I chose cars, health care, food and housing in my examples because they are day-to-day things for everyone that we all take for granted and don't deeply understand, and rely on experts to handle for us, but can't really live without. That's the Internet for most people.
You missed the point by splitting hairs and nit-picking the comparisons.
> As for being the most HN comment ever, how goes conflating email for Gmail and seemingly being unaware of there being other email-providers than Google? I mean, really?
This is now the second-most HN comment ever. ;-)
Are you familiar with existing fair practices, consumer rights, and consumer protections acts?
As far as email, create a domain name and use your own email address.
Free will is great isn’t it? Everything doesn’t require the nanny state to step in and solve all of your problems.
Dependencies create defacto requirements with the alternative of severe disadvantageous if opting out.
Corporations answer to shareholders, creditors, business partners, and management long before they do individual users. Who, in the case of Google aren't even direct customers (advertisers are). Representative governments answer, however imperfectly, to the governed.
Email self-provisioning has significant hurdles for even technically-competent individuals let alone the general public.
Your suggested alternatives ignore the problem and create more.
So now we are going to go down the whole “Minority Report* rabbithole and make laws just in case? You don’t tie your login infrastructure with Google, you use Oauth 2 and plugin any third party you wish.
Representative governments answer, however imperfectly, to the governed.
How well is that working out in the US between gerrymandering, the electoral vote having an opposite outcome than the popular vote, and how it is almost impossible to get rid of an incumbent?
Email self-provisioning has significant hurdles for even technically-competent individuals let alone the general public.
I didn’t say set up your own email server. I said create your own domain. You can create your own domain with your own email address with a few clicks on Godaddy. If you don’t like GoDaddy, there a dozens on other places that will transfer your MX record to them and you keep your own email address.
Regulations serve to create a common and uniform floor of service levels.
The problem with a strictly voluntaryist, free-market, laissez-faire approach is that it tends strongly to a Gresham's law "bad terms drive out good" race-to-the-bottm dynamic, particularly unfortunate when there is but one monopoly provider on the market.
This occurs well before reaching the far end of the slippery slope on which you seem to be perched.
Several of my earlier comments have been badly misapprehended, I'll not belabour them though I'll note the fact.
If people read the conditions of the free google account they realize that the service can be terminated at any time for any reason without warning, and there's absolutely nothing there about any corrective mechanisms.
Contrast this with terms of [especially national] domain name ownership.
Anyway, given the number of people who will give their data to such a service under such conditions, you may well be right that some regulation would be useful, especially around getting your data out in some short time period after account termination. (But only to holders of the valid authentication credentials.) Forced email address portability would be also nice (provider would have to forward incomming emails for a reasonable fee or for free), for some limited time, maybe a year.
https://old.reddit.com/r/dredmorbius/search?q=gresham%27s+la...
It's all well and good for you - someone who's aware of the risks and issues - to say "just don't use Google/Facebook", but laws would protect the average person who just wants the quickest/easiest way to get an email account or to sign in to websites.
Also even if consumers were all highly educated in the pitfalls of Google etc., major websites still force you to use Google technologies whether you like it or not. Google Recaptcha is everywhere; eBay forces you to use it to sign in to your account. Are people now supposed "just don't use eBay" now as well?
Yes, if you don’t like the tradeoffs that eBay gives you - don’t use EBay. You can use Amazon, Facebook marketplace, Craigslist, etc. to sell and buy stuff.
You've gone off the rails here, mate.
You can also get to another website just as easily.
(0) https://www.cnet.com/news/some-senators-in-congress-capitol-... (1) https://www.theverge.com/2015/12/7/9869308/donald-trump-clos...
How about you?
1. The average tenure of Senator or Representative in the US is steadily increasing. (https://www.termlimits.com/new-research-congressional-tenure...) and because of how much money it takes to win an election, it’s really hard to get rid of a member of Congress.
2. Because of how both the Electoral College was designed and the design of the Senate with 2 senators per state regardless of population, if you live in a more populous state, you have less voting power.
3. The more tenured Senators have more power and they have the power to block legislation. The people of the state where the leaders live are the only ones that can oust the Senate leaders.
4. Most rules aren’t done by legislators they are done by committees led by Presidential appointees who are approved by the Senate - again appointments can be blocked by the leaders of the Senate. Many of their policies are approved and struck down by unelected judges.
5. Then there is always gerrymandering.
6. You really don’t believe politicians - many of whom basically did insider trading pre-Covid - are greedy rich people? The President himself is a billionaire.
Could you point out where I said that? Please don't put words into my mouth just to "win" a discussion. That's pretty cheap.
So the alternative between trusting greedy rich people who both don’t have the power of the state, and I can choose to use alternatives, is to trust greedy rich people with the power of the state - most of which I have no power to get rid of because a) they aren’t in my district, b) the alternatives don’t have the money to get elected, and c) get elected by the flyover states because they have two senators just like the more populous states
Say I accidentally trip off something in their opaque machine learning algorithm that determines my extension (or even a YouTube comment!) breaks their terms of service. They would have the right to completely block my account and remove the extension. Effectively, wiping out how I make a living with a single automated bit flip.
It hasn't happened to me, but the people that share horror stories of how it happened to them scares the $#!7 out of me.
As the Internet gets more privatized and less "open", I just wish there was something that required a fair "trial" of my account being suspended. The balance of power online is slowly shifting and I feel there needs to be something protecting the rights of individuals (the public) online.
I have a google account, but I only use it for signins to places I could easily create other means of signing in.
If its for a place I know I want to always have access to and never have to worry about re-creating then I use my personal email.
Google SSO is a convenience only. The world will go on without google and you can certainly use the internet without having a google accout
Especially when that service is free and effectively anonymous, it's just not possible to give each case a full and fair hearing. You know that you'll get false negatives and false positives. You can try to minimize them, but actual justice is expensive. Too expensive to pay for with ad sales, that's for sure.
You never know when they change policies and some automated bot kills your account for it, years from now.
Is there genuinely no solution to this?
If you backup regularly, you should also restore to test it works properly, and the reality is there is no decent way to restore a google takeout archive to another google account, or any competing service. The closest you'll find is a hodgepodge of scripts to incompletely restore some data...
Technology isn't perfect so a backup is a must for anything of value: whether financial or sentimental. For a good example of why backups matter, look at the history of Doctor Who. They didn't leave any backups of parts of the original show because they figured those were pointless, re-recording on the physical copies instead. Now the old episodes of the show are being searched for across the Globe, I believe some were even found at some man's home in Brazil. Backups and archiving stuff is essential.
If they just stuck to requiring a very strong password and not letting anyone in without it, no exceptions, no ifs, no buts, I would still have that account.
Fortunately it was an old account I wasn't using anymore.
Just use one Google account per Google service, it's the safest way haha.
The drawback is that they only allow you to use "safe" (read Google made) apps.
Wasn't the case at the beginning, when you couldn't open your email in anything but Chrome on Desktop and Gmail app on a phone.
I've tried to set up contingency plans for the cases that I lose access to my:
- phone (which contains Google Authenticator with plenty of important logins; unfortunately some of my 2FA is still based on SMS)
- my laptop
- my Yubikey
- my wallet (with ids and a credit card)
due to theft, damage (house burns down) or simply loss.
Another under-appreciated risk: losing my memory (my master passwords are only in my mind - what happens if suffer a head injury and forget?)
Redundancy is one countermeasure: Have more than one bank account + stock portfolio, more than one credit card (servers might go down if a credit card is blocked) and physical devices (phone, laptop) in store to stay operational in case of an emergency.
Full machine backups + regular uploads "to the cloud" for raw data; occasional transfers to (multiple) external hard drives.
I don't think there is a way around a safe physical space with printed backup codes on it. Ideally not in the same house - maybe with a bank?
A list of instructions for numbers to call for account recovery or blocking. Which information will I have to provide?
In a similar vein: what happens to my data after I die? How would my (non-technical) family be able to access my pictures and writings? A digital inheritance would be prevented in my security set if I don't prepare.
This space is fascinating to explore, the zeros and ones people have stored on their devices are incredibly valuable to them and this treasure is poorly protected. Generally speaking: No backups, weak passwords, outdated software, old hard drives ... risks abound
Google surely has very capable security people, but right now my account there is the central vector of attack, most of my passwords can be reset through my email, a huge portion of my communication runs through Gmail, Whatsapp is backed up to my Drive, most of my pictures are on Google. It's probably a good idea to disentangle the situation a bit to be prepared for the case that Google's fortress gets breached one day.
Without compromising your security - I'd love to know how others approach their personal IT security challenges?
[0] https://www.wired.com/story/a-sons-race-to-give-his-dying-fa...
https://en.m.wikipedia.org/wiki/Be_Right_Back
Not just a head injury, this can easily happen if you find your keychain 10 or 20 years later. I don't think that there is a good solution to it. Maybe biometric data, but then again, I want to have a control over when my data is accessed and in many countries it's legal for law enforcement to make you use your finger or face..
Maybe write down my master password and put it in a safe?
Isn't this just moving the goalpost because what if you forget safe combination?
If the Youtube videos I've seen are to be believed then many domestic safes can be broken rather quickly with the right tools,
Safes with electronic locks typically have (backup) keys too, which you'd need to hide or put in another safe, in case the battery dies.
If you write down your master password and put it in a safe you own you can get in that safe wether by code, key, or destructive entry.
There is. Put it on a piece of paper in a safe place.
Most of my security is based on OpenPGP keys stored on a Yubikey. In case the first one is broken/lost I've got another one. If both are lost there is a master copy on an offline computer that can be used to provision more Yubikeys.
The key unlocks access to passwords stored in pass. Because pass is based on git and gpg can be used to access SSH then the same yubikey is used to pull/push changes to pass and read encrypted passwords. On both the laptop and the phone (Password Store).
Data on the computer is LUKS-encrypted, unlocked by the Yubikey. Full backup of my laptop's SSD is done via btrfs send/receive to a raid1 array of 3 disks (raid1c3) on a regular intervals. A small subset if very important data (documents) is also backed up via restic to S3 and Backblaze.
I try to "backup" as much of my work as possible by releasing it as open-source (where it's preserved by the Github etc.) or publishing it on a web-site (where it's preserved by archive.org).
> In a similar vein: what happens to my data after I die? How would my (non-technical) family be able to access my pictures and writings? A digital inheritance would be prevented in my security set if I don't prepare.
I've been thinking about this lately and maybe it's not a popular opinion but... would people really need your data when you die? I get access to photos (my SO has the PIN code) but everything else? Maybe this is just digital junk? Who would enjoy browsing terabytes of my data looking for... what exactly?
What are you especially interested in? Then I can provide you with details.
Some random links I used:
- https://btrfs.wiki.kernel.org/index.php/Incremental_Backup
- https://blog.eleven-labs.com/en/openpgp-secret-keys-yubikey-...
- enable touch-to-use so even malicious software cannot access your passwords: https://developers.yubico.com/PGP/Card_edit.html#_yubikey_4_...
- https://www.passwordstore.org/
- https://play.google.com/store/apps/details?id=dev.msfjarvis....
- https://aur.archlinux.org/packages/mkinitcpio-gnupg/ (I'm thinking on replacing this with PKCS#11, more keys to manage but PKCS#11 is supported natively with systemd so one less dependency).
Hmm... maybe I should really document that...
- https://blog.eleven-labs.com/en/openpgp-secret-keys-yubikey-...
Sounds like a good start, I'm going to have to do much more reading on this, I use my YubiKey just as a browser 2nd factor for a few 2FA apps.
In general I'm not sure how the YubiKey stores keys and till now I had no idea you can backup YubiKey
> The key unlocks access to passwords stored in pass. Because pass is based on git and gpg can be used to access SSH then the same yubikey is used to pull/push changes to pass and read encrypted passwords. On both the laptop and the phone (Password Store).
I'm not sure about storing the master keychein file in Git, but the workflow sounds interesting (I didn't fully understand the paragraph though).
> Data on the computer is LUKS-encrypted, unlocked by the Yubikey. Full backup of my laptop's SSD is done via btrfs send/receive to a raid1 array of 3 disks (raid1c3) on a regular intervals. A small subset if very important data (documents) is also backed up via restic to S3 and Backblaze.
This is next level and not of immediate interest to me. I was looking at something simpler like: https://cryptomator.org/
Well, actually you can't. You can backup keys if you create them in software and then just copy then to YubiKeys instead of moving them there. If you do that in an offline computer there is no risk of any malware stealing your keys in mid-process: https://news.ycombinator.com/item?id=21701488
Setting up Yubikey and OpenPGP took me some time reading all resources on the net but once done this is just working without any hiccups.
> I'm not sure about storing the master keychein file in Git, but the workflow sounds interesting (I didn't fully understand the paragraph though).
If it's encrypted there is no much harm to be done here. The only leaking info is that by default pass uses filenames based on domain names so if you have credentials for news.ycombinator.com they'd be in "news.ycombinator.com.gpg" file. For me a private repo for this use case is OK.
Oh, there is a browser extension too: https://github.com/browserpass/browserpass-extension#browser...
> This is next level and not of immediate interest to me. I was looking at something simpler like: https://cryptomator.org/
Yep, I do store external disk passwords in pass too. Udiskie can use a decryption command so when I put something like this in the config: `password_prompt: ["pass", "devices/{id_uuid}"]` it will grab the password from password store. This has an added benefit that I won't forget the password (it's stored alongside all others) and it's always valid (it's checked on each boot by udiskie).
:( I have set my gmail to be destroyed if not used for 3 months.
I might be paranoid but with clouds I would be more comfortable with AES-256. If RSA is a must, maybe RSA 7680.
I don't mind putting my encrypted passwords in a private GitHub repo but I understand the concern.
[0]: https://crypto.stackexchange.com/q/8687
[1]: https://en.wikipedia.org/wiki/Curve25519
[2]: https://lists.gnupg.org/pipermail/gnupg-users/2020-March/063...
[3]: https://en.wikipedia.org/wiki/Curve448
- I need to migrate away from SMS based 2FA
- then away from Google Authenticator
- and probably also from LastPass to Bitwarden
Phone broke and I must have typo while doing a regular password change - now I have no way to again log into my account as i can't provide the 2FA and none of the other options work (providing old contact emails, phone code, backup email, ... All doesn't matter just because I don't have the authenticator).
It does not have to be fort knox safe, enough if stored at a trusted place which has no direct relation with you (in my case it is my best friend I trust with my life)
The only use I occasionally get out of it is a shared document with somebody.
Same with getting a new phone number
I like paid for Google services like GCP, Play movies and books, etc., but I want my online identity and all communications to be through my domain.
This is problematic if a system relies on your using it enough to be a proof of authentication.
One simply cannot not have a Google account when on Android.
Or you get a device that is supported by lineage. Then you're even freed from all the Google related services that would otherwise still run in the background and do who knows what. You'd still need an alternate way of getting apps, and even if you sideload them, some might not work since they rely on Google play services.
Or you get a Chinese phone, since Google is banned there they all have alternate app stores, plus a crap load of shovelware that spams your notifications with ads and you share all your personal data with a different government agency than you would with the Google variant.
Google Maps and Youtube even work, but I have no expectation of them continuing.
we don't use Google devices requiring Google account and pretty much no Google apps
Tip 1b: Make sure your password manager isn't using your Google account for authentication. :)
Finally, spinning busy icon and... red text says you are denied. You are properly screwed.
(My experience a few years ago)
One day I couldn't login anymore to the old account (maybe I typed the wrong password 3 times or maybe it was deemed inactive because I would never login?)
I try the recovery process once in a while with everything (code by SMS, code by recovery email, etc). Never works.
But I still receive every email sent to that account through the "forward everything" setup from XX years ago.
I wasn't sure whether I should set up forwarding on my Gmail account or have the server fetch mail from it regularly. Was leaning towards the second option but I think now it's settled which option to choose.
Edit: Ok there's one more stupid scenario. Let's assume I do lose access to the Gmail account but forwarding still works. Now I'm in an accident and stay at a hospital and totally forget to pay the renewal fee for my domain. Boom, some domain squatter gets all my mails. Actually, that would even apply without Gmail in the mix. Sure I'd set up automatic payment for renewal but still, can I be a little paranoid here? ;-)
If you're in a 9/10 year coma, you probably don't care about your email any more.
They offer terms of 20 years and 100 years, which are longer than the standard maximum 10 years. The way it is implemented is that they register the domain for you for the maximum allowed time (10 years for most TLDs), and then each year the extend it by a year keeping the expiration as far out as allowed for that TLD.
I looked at this a while ago, when contemplating moving my domain in .net from there to Namecheap (where I already had a .us domain), because they gave a big enough discount on 100 years that it brought the price per year to $9.99, which is pretty good for a .net.
Then I realized that even if I lived long enough to become the oldest living human I'd still only get about halfway through the 100 years making the cost per year effectively $20, which is a crappy price for .net.
Now it is even worse. They have doubled the price for 100 years, making it a crappy deal. Even if annual .net renewal went up 10% a year, it would take 29 years before you would have been better off going with 100 year NS over year to year Namecheap. (They NS 20 year plan would be better off after 16 years).
At 5% annual increase, NS 20 is about the same cost as Namecheap, and NS 100 beats Namecheap after 44 years.
(This is all assuming that in the Namecheap case the money that would have been spent upgrade on NS 20 or NS 100 is just sitting around. If you assume it is invested in some safe long term investment, NS 100 and to a lesser extent NS 20 makes even less sense. Also there is the risk that at some point NS will no longer be around and their demise happens in a way that kills these long term registration programs).
Don't do this. Buy an email with a domain that offers email. e.g. gandi.net or infomaniak.com They do have phone numbers if things go wrong. Hosting your email is easy. Having you emails delivered and not blocked is an art.
Every few months, I try the recovery process again to no avail. "Sign-in with Google" is very convenient so it'll be a pain to move to proton + outlook but c'est la vie
I can confirm it works as well since someone sometimes fat fingers whatever email address they use for car repair and I get the invoice for it due to Google not respecting the dots in the email address.
My master plan is to get hired at gmail just so I can click the admin reset password button and get access to that account directly so I can finally see the very first emails I ever received.
And same as everyone else, already had forwarding in place so it's just kind of... there in an uncomfortable limbo. I don't really use it for much so it's not a big loss but it would be nice to resolve one way or another.
I never use Google to login anywhere anymore. I create an email and an (autogenerated secure) password everywhere. If they don't see fit to support this, they don't get my business.
Then I just let Bitwarden/Firefox take care of everything. Logins, etc. I have 500? passwords stored. Don't know any of them. I prefer it this way.
Further note that gMail filters at every step, eg this includes a downstream "archive" account. So there are false positives coming from a "known" [single source] good account and of already vetted emails...
i do wish there was a way to forward everything ... where everything meant everything ... filtering optional.
See https://cmetcalfe.ca/blog/forwarding-spam-with-gmail.html
I've got an old gmail address with pop3 enabled that my main gmail account pulls emails out of. Hadn't logged into the old address in a couple years because everything was working. One day I decided to rotate all of my passwords, got to that old gmail account and it refused to let me log in and wouldn't say why.
"No big deal" I thought, I use a password manager, have all historical passwords, have the 2fa device, same phone number, same address, I have access to the recovery email address, and pop3 still works so I know I have the current credentials. I'll just reset the password.
Nope, wrong. Even though I have every possible form of identification the account will not let me log in via the web interface and will not let me reset the password. I get stuck in a loop that eventually ends with "Thanks for verifying your email. Google couldn't verify that example@gmail.com belongs to you."
The pop3 functionality still works, but the password can never be reset and the web interface can never be logged into. I suppose this will continue until the day google decides to ax pop3 and imap, no doubt accompanied by a blog post with comments disabled explaining it's for our own good, at which point that address will be lost to the sands of time.
Who knows... maybe someone else recovered it that he's using it as their primary address and I'm just getting copies of all their messages?
So because their authentication used some stupid heuristic combined with the “no reusing old passwords” thing I was forcibly deplatformed. I’m not making another account, I already wasn’t happy with google and that was enough to make me give them up.
Honestly, it's a huge relief. Self-hosting has gotten much more complicated over the years. It's very nice to know that there's a round-the-clock staff of professionals taking care of security, deliverability, and fighting spam. And software upgrades, of course!
I had this exact same problem 3ish years ago and bailed out to Fastmail for the same reason. The thing that made me throw in the towel completely was what I found out from someone who looked into it for me after I shook the tree of my professional and social contacts. This person was involved in Gmail but not directly in anti-spam, but told me that my domain had "limited reputation."
That domain, which predates the existence of Google by at least a year, had been hosted on the same IP address (IPv4 and IPv6) for almost a decade, with the same MX, A, and PTR records for the entire time. Nothing at all changed about how that domain was configured. Yet it was intermittently being flagged as "limited reputation" and either dumped in the spam folder or simply accepted for delivery and silently dropped.
I took that domain and moved it to Fastmail 3 years and 3 months ago--I know the exact date because I paid for three years of e-mail service at the time and recently renewed it--and haven't had a problem since because, unlike my single-server operation that used to be considered an equal peer on the Internet but not any more, Fastmail has enough pull and reputation to not have messages from its subscribers blocked by other e-mail hosts.
I don't think it's necessarily malicious in nature - more the product of spam filtering.
I wonder if email authentication methods like DKIM/SPF/etc.. help this problem these days.
It's been few years. I am on Mailbox's 12 Euro/year plan which has "forum" only support (I am not sure it changed after I became a customer). My emails suddenly stopped working once and I received email response after a week (which just had an irrelevant link). I had reset the mail setup by then after backing up email from local client. I replied to the email asking what went wrong and never received a reply. They seem very aloof and high-handed about customer support if I may say so.
I am looking at moving my mail provider. I have stopped using @mailbox.org mail for online a/c signups etc (which I did a lot earlier) and have started removing it from wherever it is used already.
Is Migadu stable and been around? How's their service and privacy track record? Did you evaluate any other provider in Euro 12-20/year budget range? My email usage is extremely low volume.
Their privacy policy is well written (I have read 100s if not thousands of them in grad school, I can tell you they’re not vague)
Support is human!!! It’s really good to know there’s a human on the other side.