How To Protect Your Email Account

How to Protect Your Online Presence

There are many things you sign into online where you have to provide an email address. These places are then able to manage your account with you via that email address. We are talking about accounts where money is involved. We are also talking about accounts where personal and private data is held. So it makes sense to have a well protected email account. If someone can get into your email account then they can also get into wherever else you have signed into using that email address.

So you do need to use email to have an online presence and you can’t give it up completely. I would recommend, though, giving up email for your person-to-person communications. Use a messaging service with end-to-end encryption enabled by default. Email is completely insecure. It was designed that way, and this is so embedded in how the Internet is used that it’s almost impossible to make it secure.

Step One - Switch to Messages App

STOP USING EMAIL AS MUCH AS POSSIBLE

  • Session – Like Signal but with anonymity
  • Signal – recommended by Edward Snowden
  • Telegram – Make sure the message is encrypted (It’s not the default)
  • WhatsApp – Do you want to trust Facebook??
  • Threema – Good but you have to pay for it. (not expensive)

Step Two - Use a Better Protected Email Service

You could get yourself an email address where end-to-end encryption is included. It will only ever apply when sending messages to people using the same service, which is what adds the encryption functionality. If your email address is with Tutanota or Protonmail and you send email to other people using the same service you will have end-to-end encryption and be protected. To send to non-Protonmail people from your Protonmail account, encrypt with a password. It is also possible to exchange PGP-encrypted emails with friends in Protonmail.

Protonmail is Good

I can recommend using Protonmail because it is set up in such a way as to give it good protection from the off. Two-factor authentication is included by default for login. It’s a good start to your personal online security. You only have to persuade other people to use the same service to get full protection. You might have success with friends, getting them to change their email service from Google or Hotmail. That’s never going to be the case with businesses. You would think that big business would prefer to have their sensitive data protected. It’s mostly the case that they don’t realise how exposed they are. For non-Protonmail users you can send encrypted emails which can be decrypted with a password. You only have to give the password to your contact by secure means. Send it via an end-to-end encrypted messaging service or read it out over the phone.

Or There is FlowCrypt

If you have FlowCrypt enabled via an extension in the Chrome browser you can send encrypted emails to other people using the same service. Or you could set up PGP encryption on your computer and communicate with someone else using PGP encryption. It is possible therefore to have secure communications with email, but it is not the default. The examples mentioned vary in complexity and ease of use. Whether it works or not depends largely on the security practices of your contacts.

  • Question – Do you want Google reading your emails so they know what adverts to send you?

Step Three - Use Good Passwords

  1. Don’t use a single password in multiple places. Especially don’t do that if your password is your date of birth or your mother’s maiden name.
  2. Use a good password in every separate account.
  3. Use a tool to create good passwords. 1Password does this. Or use xkpasswd.net to make new passwords.
  4. Use a password manager to help you look after them. I like 1Password for this; there are others.
  5. Don’t write your passwords on a piece of paper unless you store it in a locked safe.
  6. Don’t write them in plain text in a Word document.
  7. Use one of these long, but memorable passwords from xkpasswd to get into your password manager. Entropy, which long passwords give you, is your friend. Give yourself a password that is easy to remember, but hard for a computer to guess. 44 bits of entropy means it would take 550 years to guess at 1000 guesses per second.
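As an added example (not from the original post), the following Python shows where the entropy figure comes from for an xkpasswd-style passphrase and how the 550-year estimate follows from it. The word list is a constructed sample to keep it self-contained; a real generator draws from a dictionary of thousands of words, and only the dictionary size matters for the entropy calculation.

```python
import math
import secrets

# Constructed sample word list. Entropy depends only on how many words the
# generator can choose from, so a real list of 7,776 words (Diceware size)
# is assumed in the figures below.
WORDS = ["apple", "bridge", "candle", "dragon", "engine", "forest", "garden",
         "harbor", "island", "jacket", "kettle", "ladder", "magnet", "needle",
         "orange", "pepper", "quartz", "rocket", "saddle", "tunnel", "violet",
         "walnut", "yellow", "zipper"]


def passphrase_entropy_bits(num_words, dictionary_size, digits=0, separator_choices=1):
    """Bits of entropy of a passphrase built from `num_words` words drawn
    uniformly from a dictionary, plus optional random digits and a separator
    chosen from `separator_choices` candidates. Every choice is assumed to be
    independent and uniformly random (what a CSPRNG-backed generator gives)."""
    return (num_words * math.log2(dictionary_size)
            + digits * math.log2(10)
            + math.log2(separator_choices))


def years_to_exhaust(bits, guesses_per_second):
    """Years needed to try every one of the 2**bits candidates at a fixed
    guess rate. This is the worst case for the attacker; on average the
    right one turns up after about half that time."""
    seconds = 2 ** bits / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


def generate_passphrase(num_words=4, digits=2, separator="-", words=WORDS):
    """Build a passphrase with the `secrets` CSPRNG (never `random`, which is
    predictable) in the shape word-word-word-word-NN."""
    picked = [secrets.choice(words) for _ in range(num_words)]
    tail = "".join(str(secrets.randbelow(10)) for _ in range(digits))
    return separator.join(picked) + (separator + tail if tail else "")


if __name__ == "__main__":
    print("sample passphrase:", generate_passphrase())
    # The post's figure: 44 bits at 1,000 guesses/s takes roughly 550 years.
    # The same 44 bits against an offline cracker at a billion guesses/s lasts
    # seconds, which is why a long passphrase matters for the master password.
    for rate in (1_000, 1_000_000_000):
        for bits in (28, 44, 60):
            years = years_to_exhaust(bits, rate)
            print(f"{bits} bits at {rate:,} guesses/s: {years:,.6f} years")
    print("4 words from a 7,776-word list:",
          round(passphrase_entropy_bits(4, 7776), 1), "bits")
```

The 1,000 guesses/s rate models an online login form that throttles attempts; against a stolen password-manager vault the attacker runs offline at far higher rates, so the master passphrase should sit well above 44 bits.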

Step Four - Add 2FA To Any Accounts Offering It

Protect your account with 2-Step Verification

With 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you’ll sign in to your account in two steps using:

  • Something you know, like your password
  • Something you have, like your phone