Does it make sense to have separate emails for each individual financial account (banking, credit cards) or is that overkill? I’m just thinking that if a hacker got access to one email they’d have all account information?

  • OtterA
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    7 months ago

    I might actually recommend it for anything except financials. Financials are very important to have access to, and sometimes your email address is the only way to access your account.

    I want something very stable as my email address for such cases, because I don’t want to risk my email alias provider shutting down, or my self hosted setup to randomly die. Or even some weird “security measure” where the bank decides that any unknown domain is no longer ok.

    In such cases, I want my email address to be reliable. Email alias providers shut down from time to time, and I don’t trust my skills to set up a reliable self hosted option. If my setup breaks after an upgrade, I might be out of luck till I can change my email with the banks.

    Banks also have their own policies, and sometimes they make questionable decisions in the name of “security”. Companies already block certain alias domains, and there are stories out there of people being locked out of their online accounts after a domain was blocked. Banks are meant to be trustworthy so they may take an even harder stance on it. They may decide to restrict the common alias domains (ex. citing that spammers use them), or even restrict personal accounts to the big email providers (ex. Gmail).

    For example, some bank apps don’t work on phones with a custom OS (grapheneOS). Singapore went even further with:

    Local banks DBS and UOB are rolling out new anti-scam security measures that include restricting customers from accessing the banks’ digital services on their mobile phones if apps from unverified app stores – also known as sideloaded apps – are detected

    Ultimately it’s a lot of risk for a very small reward. If you use a different password for everything (you should), then someone knowing your email still won’t be able to do much. The bank itself would have way more information about you, so it’s not like you’re protecting yourself from the bank with a custom email.

    • rezifon@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      7 months ago

      You’ve used some phrasing that I am not really following. What exactly do you mean by “stable” in regards to an email address? And what is an “unknown” domain?

      • OtterA
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Fair enough, I took some time to explain it better above :)

        (See edit)