undefined | Better HN

0 pointsitake5mo ago0 comments

I personally like the idea that my bank account has a completely different email and password then any other account.

In theory, criminals don't know where to even try to exploit/phish.

0 comments

Yes. BTW I still do that, but with a single address, username+myonlinebank@domain.com style. It was easier when I need to give them my email again on the phone or in other circumstances, they can see it's just the same with extra bits.

itakeOP5mo ago

My issue is if username+ecommercewebsite@domain.com leaks my account login: username@domain.com as the + is a known feature. If they are able to access username@domain.com, then they would be able to access password recovery for my bank.

With a separate finance account, even if they figured out how to access my primary personal email. There is still an air gap with my financial accounts.

dfc5mo ago

I tried this route at first. There are enough stupid forms that reject VERP addresses that it's easier to just use different recipients.

j / k navigate · click thread line to collapse