Skip to content
Tech News
← Back to articles

You have a strong password. Here’s why your online accounts are still at risk

read original more articles

Megan Ellis / Android Authority

Raise your hand if you have used Have I Been Pwned to spot yourself in an online breach. Raise your other hand with me if you’ve actually spotted your email or password there at least once 🙋‍♂️.

With every single service requiring you to enter your email or phone number to authenticate yourself, we have all been in a situation where our credentials have leaked — I can bet more than once. While we place disproportionate weight on unique passwords, they make up only a third of your digital security stack.

Sure, passwords play a very critical part in online account authentication, but that doesn’t mean the other two components deserve any less attention. For a bulletproof digital existence, you’ll have to pay equal consideration to your email, password, and two-factor authentication, and here’s how you can achieve it.

What's your weakest security habit? 29 votes Reusing passwords 31 % No 2FA 10 % Using my primary email everywhere 41 % I'm pretty well covered 17 %

Your email address is key to everything

Dhruv Bhutani / Android Authority

Your primary email address is your digital identity card, but for some reason, we don’t care for it enough. We tend to hand it out to every other online portal without a second thought. But the fact is that it needs to be kept a secret almost as much as your password, if not more. You might wonder how on earth you could keep your email address a secret when you have just one (or, at most, a handful) of them. How else would you sign up for services or let people reach out without handing them your email?

The answer lies in this little-explored product called email aliases. They are often randomized email addresses that forward any incoming email to your main address without ever revealing it. So you only give others your alias while your primary account stays hidden, saving you from email scams and data leaks. In case a service is affected by a data breach, and your email alias associated with it leaks, you can simply disable that alias and create a new one with just a couple of clicks.

Your primary email address is quite hard to replace given the amount of work it would take to replace it on every single account you've used it on.

... continue reading