Improving Account Security...

Bef18 here: I read an article a while back talking about effective security approaches to deter thieves from breaching into personal accounts online. One of the suggestions listed was to use a completely isolated email address to store all password recovery emails. My question is should that email be given the same security precautions as other accounts (2-factor authentication, recognized devices lists) as well? Should I use the same email service provider the email accounts I communicate on are associated with? I assume "isolated" is the key word here so as long as the secure email was kept secret everything would be ok, but it did make me wonder a bit. Thanks!

Discussion is locked

Reply to: Improving Account Security...
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Improving Account Security...
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -
Since our governments don't consider email private.

You need to reconsider unencrypted email. There is no secrets without it.

- Collapse -
(NT) Is? I meant are. Tsk tsk.
- Collapse -
You're kind of missing

You're kind of missing the forest for the trees here. You think security is something external. You set up a password or install this program, and everything will be secure. You are absolved of all responsibility after that point.

Security is less about passwords or firewalls, or whatever else these rather sensationalist and light on detail articles tend to suggest. You want to know the biggest reason people fall for those Nigerian 419 scams? The one about the Nigerian prince or oil tycoon who singled you out, of the millions of people on the Internet, to share this once in a lifetime opportunity if you just help them smuggle and launder all this money out of the country. The reason people keep falling for those, is because those of us from first world countries tend to think we are more sophisticated than someone from Africa. No one from Africa could ever outsmart someone with a college degree? Those Africans are just a bunch of nomadic dirt farmers after all! And so you STILL see people falling victim to these scams.

Security isn't about two factor authentication or some kind of secure email address. Security is more of a state of mind. If someone sends you a message out of the blue, saying how they have this fantastic business opportunity for you, no two factor authentication, firewall, secure email address, whatever, is going to save you if you're dumb enough to respond. Security is about recognizing that such a scenario is 1) too good to be true, 2) came to you unsolicited, 3) is a well established scam pattern by this point, and 4) likely breaks all kinds of international finance laws. I could probably go on, but that should be sufficient.

So my advice would be to stop filling your head with this useless fluff about email accounts for storing passwords and whatever else. It's just a bunch of garbage designed to get people to read the article and generate ad impressions. There might be one or two little nuggets of useful information in them, but they in no way justify the time wasted reading the thing to find them.

- Collapse -
thinkin' your right !

shouldn't we treat our passwords like we treat our backups ? A password is something we can't afford to lose or give out whether it's hacked or snooped by Uncle Sam , put them on a disc or in your little black book and put them in a safe place.

- Collapse -
The idea is the make it harder to crack...

Obviously humans are the weakest link to any type of security system Jimmy and I realize passwords won't make my accounts impossible to crack into. Will I ever fall for those Nigerian email scams you keep talking about? No, all it takes are a few quick glances at Snopes and a good email service in order to avoid something so obvious. Am I an infallible human being who recognizes any and every email scam on the planet? Again the answer is no, but that wasn't the point of my original question. I'm simply trying to make my accounts harder to get into by narrowing the lines of attack by the hacker. A little defense is much better than nothing at all. You said yourself that security is a "state of mind" so what's wrong with reinforcing another part of the wall? Nobody can avoid every threat on the internet so it's important to find ways to alert yourself when things have gone wrong. If a hacker knows where my password reset goes then that's just another line of attack for him to take advantage of.

CNET Forums

Forum Info