Security expert, Steve Endow on keeping Email addresses themselves secure

Steve doesn't give friends and family his email address!

Blogs aren't just for sharing ideas once and moving on—they're evolving resources that can be updated to remain valuable. Revisiting posts that continue to resonate, even years later, shows the strength of this approach. One such example, is Steve Endow’s post from December 2022, where is discussed thier use of SimpleLogin for protecting email addresses. Today I was looking at email services again and remembered this post existed, visting it again, a couple of years later, I was surprised to find multiple updates on the original post.
Visit the original post.

Summary of Steve Endow's SimpleLogin Strategy

Steve Endow shared his experience with SimpleLogin, an email aliasing tool designed to enhance privacy and security. TLDR; Much like you use a unique password for every contact point on the web with a password manager, also use unique unguessable (no gmail style "+" style addresses) email addresses too. After all email address is 50% of your security token in a simple login authentication. Steve even promotes not giving your main email address to friends & family!

Key points from the post:

• Email Alias Creation: SimpleLogin enables users to create unique aliases that forward messages to a primary inbox, ensuring the main address stays private.
• Privacy and Spam Reduction: By using aliases, Endow could prevent his actual email address from being exposed, reducing spam and increasing control over data privacy.
• Ease of Management: The platform makes it easy to disable or delete aliases, especially if one is compromised or no longer needed.
• Increased Control and Insight: With different aliases for different services, users can identify which platforms may be sharing or misusing their data, adding a layer of accountability.

Steve's post emphasized that using tools like SimpleLogin empowers individuals to proactively manage their digital footprint and safeguard personal information.

Why Keeping Blogs Updated Matters

Steve’s blog is an example of a living, evolving resource. Posts like these, which continue to be useful long after they’re published, highlight the value of maintaining a blog with periodic updates and relevant insights. Its strangely rewarding to see all those updates on top of the original post! There are a few of my own posts I have updated on a sporadic basis or have created follow up posts for. Reading Steve's post reminded me it does add value for the reader.

Additional Email Security Practices

We are in an era where it is important to prioritise security in both professional and personal lives. Building on Steve's practices, here are some additional methods to bolster your email security:

• Use of Two-Factor Authentication (2FA): Always enable 2FA on your email accounts. This adds an extra layer of security, requiring a second form of verification beyond just your password.
• Password Managers: Use a password manager to create and store strong, unique passwords for each service you use. This reduces the risk associated with password reuse.
• Regular Monitoring for Data Breaches: Services like Have I Been Pwned help you check if your email addresses have been compromised in data breaches. This awareness allows you to take immediate action if needed.
• End-to-End Encrypted Email Services: Consider using email providers that offer end-to-end encryption, such as ProtonMail, for more sensitive communications.
• Educate Yourself on Phishing Attacks: Be vigilant for signs of phishing and other social engineering tactics. Even sophisticated email filters can sometimes let phishing emails slip through, so knowing what to look for is essential.

Combining these practices with a service like SimpleLogin can help minimise exposure to potential threats.