this post was submitted on 01 Dec 2023
92 points (71.9% liked)

Privacy

31974 readers
352 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] ShortN0te@lemmy.ml 2 points 11 months ago (1 children)

So you create a new email for every account you make?

[–] thesmokingman@programming.dev 9 points 11 months ago (1 children)

Do I use an aliasing service that allows me to change the account emails point to? Yes. Can I access those accounts with access to my email? Yes.

The issue here is that if you lose access to social network that logs you into those things, you lose the account. If you have an actual account, not delegated access, you can still access the account with the social account.

I’m struggling to find some good article examples because Google is rolling out inactive account deletion and that’s polluting my search results. So go test this out yourself: go try to change the account name/email, password, or MFA for any of those accounts you use social auth for. Try figure out how you would log into without that social account. Next do the same thing with an account you don’t use social auth for.

[–] Pantherina@feddit.de 5 points 11 months ago (3 children)

Same but this basically puts all the trust in your mail provider which also sucks.

We should have logins with security keys and/or local biometric unlocking. I think that would already increase security and ease of use a lot. But these things are so expensive and not well supported yet

[–] thesmokingman@programming.dev 2 points 11 months ago

In theory, my email only serves as a way to verify me and spam me. A good account may require an email for communication and should allow that email to be changed without losing the account, in the same way the good account will let me change the password, the MFA, and ideally even the username (looking at you Steam). Same as a phone number. We’re beginning to see a move toward that flexibility. Most accounts with MFA allow it.

[–] EngineerGaming@feddit.nl 1 points 11 months ago

First - mail server might literally be on a box in your home under your full control. Second - if it's not the case, you don't need to stick to a single provider. I have mailboxes tied to different platforms on different providers, so I cannot lose all at once.

[–] soulfirethewolf@lemdro.id 1 points 11 months ago

If you're worried about losing access to your email, consider switching to one with custom domain and a provider that supports it.