Ask HN: How do you solve the domain registration, custom email circular problem
I'm looking to transition from gmail to a paid vendor (ex: Fastmail). However, as suggested in HN multiple times, I want an email with a custom domain name. However, the domain registrars like Namecheap will require an email for registration. What email to use for registration and what if I lose that email access (Gmail block). Ideally, looks like I will need 2 domains registered at 2 separate registrars and 2 separate email providers for cross-registering. Is there a simpler/cheaper way to solve this problem?
15 comments
[ 0.22 ms ] story [ 50.9 ms ] threadObvious downside: you gotta keep real careful track of where you use an e-mail address like that. If it's your "final/reset" contact, and you change ISP's...
I use Protonmail for both and it works perfectly.
Tested practices: Nope. Nobody can tell you that because it's Gmail's secret sauce to handle abuse, spam, disagreeable people, etc. Even if you follow a 20-point protocol to secure your account, there's no guarantee that Gmail won't block it and never allow you to get it back. It doesn't really matter if your email address is not sending spam or not logging in from random IP addresses from different geographies or is always accessed from the same devices and same browsers.
Good practices:
* at the cost of your privacy, connect/link one or more phone numbers to your account so that you can use those for recovery. Gmail values phone numbers more than recovery email addresses.
* setup 2FA with a TOTP app or with the Google app on your smartphone or with a hardware key.
Best practice: Ditch Gmail and use any other paid email provider that provides customer support. Life is too short to suffer through Google's shenanigans and lack of customer support. The more you allow Google to surveil you, the higher the risk that some random event could trigger an opaque ML algorithm to flag your account for some violation and all forms of support will stonewall you with no help whatsoever.
I used to just use my gmail account and forward it, but recent stories caused me to evaluate how to eliminate the Gmail weakness.
I rarely use it but I think it's Fastmail's killer feature. They've done a great job with it IMO.
- backup emails and/or
- editable email field(s) that is secured by your 2FA/MFA/SMS/TOTP
I have been and will always be using exchange from a reputable source (in my case OVH). I pay money for my email because its now their problem to keep it running. After that I add dns protection to my domain so it can not be changed on a whim. For it i have like 100 aliases setup which I give out to the vendors I use.
But yes, after initially signing up with a freemail, I changed my main email to the one provided by OVH. Why? because I can verify myself with my invoices even if two FA and everything else has been taken over.
There really is no ideal setup, because email was not designed for it. Its a messaging protocol and not an auth mecahnism, that it can be used that way is coincedence.
USE 2FA. Use a dedicated device for auth, because those are designed to be with you at all times. Like actual keys.
The probability that someone will actually hack your icloud backup with your 2fa app backed up into it, are way less likely then one of your passwords leaking.
You may change the email address with your domain registrar at any point in time to manage future risks.
My suggestions:
* stick with a (preferably paid) email account on a domain that's not yours but is likely to be around for a long time
* choose one of the common TLDs like .com or .net or .org for the email address (these TLDs have the least likelihood of disappearing or being blocked by anyone)
* make sure you keep the email address active (by logging in and/or paying on time)