Email is a critical function for most of us. Many use email to communicate for work or with family, and even those of us who don’t use it to send communication almost certainly have an address or 10 that we use to sign up for things, log in to Facebook, twitter, our bank account, etc. This makes it nearly as important (in some ways more so) than your physical address! However, most of us are blithely cruising along using something like email@example.com as our one and only email address. Today I’d like to talk about how and why we should change this.
- Spam: it’s not just for dinner.
Probably the biggest threat that most of us are familiar with via email is viruses. This has been a popular attack point for viruses for years. Spammers send fake emails, instructing you to click links, or download things that are actually viruses. Fortunately, these are easily dealt with by simply not opening things from untrustworty sources. If someone sends an unexpected email, you can always respond, or call them to confirm before you open.
2: One ring key email to rule them all
The side of email danger that is often overlooked by many is the fact that your email is often the backup key to ALL of your accounts. Many accounts will allow you to reset your password via email. Some require you to answer a security question (most of which aren’t that hard to guess if you can see someone’s Facebook profile) but a shockingly large number (of mine at least) do not. This means that if someone gains access to your email account, they can probably also gain access to a pretty large number of your other accounts with minimal effort. Hopefully it’s obvious what a disaster that could be, particularly if they’ve gained access via stealing your phone. (Of course, in that case they might already have access to your other accounts anyway.)
- You’ve got mail!
Last but not least, someone reading your email surreptitiously is certainly a concern. You may not know this, but up until fairly recently email was actually less secure than sending a postcard. Pretty much anyone with a few technical chops and the interest could spy on most anyone’s email. Thankfully, today just about all email is encrypted in motion. This means that when you send an email from one gmail/Hotmail/ymail etc account to another, your email provider scrambles the message with encryption before it leaves your mailbox, and doesn’t decrypt it till it reaches the recipient. This means that someone intercepting your mail will get nothing more than a large blob of meaningless text. They’ll know who it’s to and from, and what the subject line is, but that’s it. This is a great improvement! However, the data is typically stored unencrypted, which has its own issues. Let’s think of this as a physical letter. The process now is similar to you writing a letter on your kitchen table, photo copying it. Locking the copy in a big strong lockbox, loading it into an armored car with guards, shipping it to it’s destination, where it’s unlocked, and left lying on the recipients kitchen table. In both instances, while it would be pretty hard to crack into while it’s in transit, the only protections on either end are whatever locks you have on your front doors. In addition to this lack of security, there’s a lack of privacy because many large providers actually skim your mail so they can build a profile on you to sell to third parties. This includes gmail, yahoo, and most other large free providers (See my post on Privacy and Security for more on that topic).
What can we do about it?
First let’s talk about some best practices you can follow to protect yourself. These are just techniques you can use to keep people from using your email against you.
- Separate account for logins
Surely you’ve tried to login to a forum or something where you’ve forgotten your password. Usually there’s a “reset password” button, and you simply enter the email associated with your account to start that process. Let’s pretend for a moment that I’ve stolen your phone. I open up your gmail, and see that your address is firstname.lastname@example.org. I quickly start hitting up online banks with that email address and some random text for a password. I try your bank, and BINGO, there’s the note asking if I’ve forgotten your password, and would I like it emailed to me? Why yes I would. If on the other hand, your email is not directly linked to any accounts, especially critical ones such as banks, then this sort of tactic would be much harder to use. A note here, this isn’t a foolproof tactic, it’s simply a relatively easy thing you can do to harden your online profile.
There are a couple of ways to accomplish this. One is to use an email forwarding service to create unique, meaningless addresses when you sign up for something. So, if your email is email@example.com, you can use a service like Blur to create a variety of addresses that will forward to your real email.
The second, and perhaps easier method is to simply create one “login” email address, that is different from your regular address. So, firstname.lastname@example.org could create email@example.com to login to everything with. Thus if someone accesses his email, and goes looking for accounts with firstname.lastname@example.org as the login email, they won’t find any. This is really easy with most secure emails such as posteo, protonmail, or tutanota, but it can also be done on gmail if you stick to that.
Lastly, you could even use a separate service (i.ie., Tutanota account if your primary account is with Protonmail) with no notifications on your phone and even a security pin on the app. That way you could still reset passwords on the fly, but that “extra” email would be particularly well hidden.
- Two factor authentication
This can refer to a variety of different security measures. Generally, it means that to log in to an account, you need something you know (a passphrase) and something you have (typically your cell phone). When you enter the passphrase correctly, then you receive a unique code, only on a specific registered device (your phone) that works only for that log in. Ergo, if you don’t have the phone, you can’t log in. This adds a small layer of inconvenience, but is definitely worth it, at least for something as critical as email or a bank account.
- PASSWORDS!!! PASSWORD MANAGER!!
In my opinion, EVERYONE should be using a password manager. It makes you safer AND makes your life easier. There are plenty of good options out there. Find one. Use it. Have a strong passphrase to log into it. If you refuse to do that, PLEASE use a passphrase with at least 3 words, a couple symbols/numbers and 12+ characters. Diceware is a really good way to come up with good passphrases.
- Make password resets for your account as difficult as possible
If you have the option to increase the security of a password reset, by requiring a security question, or 2 factor authentication, or whatever, then do so. “But what if I need to reset my password” you might be thinking? Ah, since you’re using a password manager now, you should almost never have to do that!
- Auto log outs
Most online services (including email) have an auto log out function. Some (like banks) are usually locked into a short time, and can’t be changed. Others (like gmail) are defaulted to never log out, or have a days long time out. I know, because people have logged in to their email on my computer, and I’ve come back days later and they were still logged in. Fortunately for them, I’m an honest person who didn’t abuse their trust, but that may not always be the case. Especially if you often use computers that you don’t control, you should definitely set a relatively short log out time of perhaps 1 hour. This just protects against you leaving your email up where someone else can access it.
- Good email hygiene
For most of us that have grown used to email, this should almost go without saying. If this bit is surprising to you, please google it.
Don’t open emails that look shady
DEFINITELY don’t open links or download files unless you know who it’s from, and it seems apparent what it is.
Don’t even reply to shady email.
The next thing I want to discuss is encrypted email. This is a software solution to prevent spying on your email. All email today (that I know of) uses at least some level of encryption. As I’ve mentioned, the major free webmail providers are all now using it on data in motion. This is a great security measure, but does not protect you against having your mail read BY the email provider, nor does it protect you from a government search order. There are however, several services that provide fully encrypted email that cannot be read by anyone without the passphrase. Several that I would personally recommend would be Protonmail, Tutanota and Posteo. Those all have different niches, which I’ll hopefully cover in a later post. They are all paid services, though Protonmail and Tutanota both have free options as well. Since they are not scrapping your emails for data to sell advertisers, the only way they can make money is by user fees.
This pretty well wraps up my thoughts on email and how/why to protect yourself. I will be putting out a shorter article soon that simply walks through what I think the best baseline email set up is.
Till then, stay safe!