Question How Many Email Addresses Should I Really Use for Optimal Privacy and Security?

[lokamoka820]

Hi everyone,

I’m trying to set up a more secure and private email strategy, but I’m unsure how many email addresses I actually need. I’ve heard recommendations ranging from 2 to 10+, with different purposes like:

• Primary/personal communication.
• Sensitive accounts (banking, government, healthcare).
• Online shopping and social media.
• Throwaway/temporary sign-ups.
• Professional/work use.

Some people suggest using alias services (like SimpleLogin or AnonAddy) or a custom domain with catch-all, while others prefer multiple standalone accounts (e.g., ProtonMail for sensitive stuff, Gmail for everyday use).

My questions:

1. How many email addresses do you personally use, and what’s the purpose of each?
2. Do you recommend aliases vs. separate accounts, and why?
3. What’s the minimum setup that still provides strong privacy and security without becoming unmanageable?
4. Any tips on managing recovery emails and avoiding lockout risks?

I’d love to hear your real-world setups and lessons learned. Thanks in advance!

 

[LinuxFan58]

1. Primary/personal communication.
2. Sensitive accounts (banking, government, healthcare).
3. Online shopping and social media.
4. Throwaway/temporary sign-ups.
5. Professional/work use.

That is what I use
1 = my phone Gmail (because it has build-in malware scanner for downloads)
2 = Outlook.com (I like use of Microsoft authenticator)
3= my old ISP (was takenover and as bonus we could keep old email)
4= another Gmail account (in the past you were allowed to open more email accounts)
5- my new ISP for personal professional stuff and for work my university's email

I am using Evolution with 3 unified inboxes, INBOX known senders, INBOX unknown and SPAM works great!

 

[Parkinsond]

How many email addresses do you personally use, and what’s the purpose of each?
- As much as you can

Do you recommend aliases vs. separate accounts, and why?
Aliases are more protective againt brute-force trials of log in

Any tips on managing recovery emails and avoiding lockout risks?
I use any email as a recovery for other emails, and I do not care much about being locket out; will just create a new account; nothing valuable is linked to email

 

[Marko :)]

How many email addresses do you personally use, and what’s the purpose of each?

– 1 personal e-mail addresses (with few different aliases for different things)
– 1 Gmail address for cases when I don't want to give away my personal e-mail address nor aliases
– 2 spam e-mail address (less known local e-mail service and Proton Mail for cases when local e-mail address isn't accepted)

Do you recommend aliases vs. separate accounts, and why?

Depends what you need.

The sign-in alias from my personal e-mail address is never used anywhere to decrease change of getting hacked. Other aliases of the personal e-mail are used for registration on reputable sites, online shopping and personal communication.

For registration on non-reputable sites, I either use Gmail address or those two spam e-mail addresses. Depends on the account importance level.

I prefer not to use those services like Mozilla Relay, because they give random addresses hard to remember.

What’s the minimum setup that still provides strong privacy and security without becoming unmanageable?

Two e-mail addresses with aliases. Similar to what I do.

Any tips on managing recovery emails and avoiding lockout risks?

1. Strong password
2. 2FA (phone number + app + separate e-mail address)
3. Fake answer to security question
4. Sign-in e-mail address shouldn't be used anywhere else and only for sign-in purpose

 

[lokamoka820]

The sign-in alias from my personal e-mail address is never used anywhere to decrease change of getting hacked. Other aliases of the personal e-mail are used for registration on reputable sites, online shopping and personal communication.

What is the difference between a 'sign-in alias' and a 'registration alias'? I thought we register on a website specifically to sign in later, or are you referring to something like newsletter subscriptions?

 

[Marko :)]

What is the difference between a 'sign-in alias' and a 'registration alias'? I thought we register on a website specifically to sign in later, or are you referring to something like newsletter subscriptions?

By "sign-in alias" I mean of an alias that is only used for signing into that e-mail account and that isn't registered anywhere else.
By "registration alias" I mean of the alias used for registration to other websites (such as MT).

 

[Sampei.Nihira]

I have 4 e-mail accounts.
1 PEC (certified e-mail)
1 Tuta Mail account that I manage exclusively on my smartphone

 

[lokamoka820]

Now, let’s say I want to use email addresses for the following services: banking, government services, charities, online forums, RSS readers, newsletters, social media, LinkedIn, cloud storage (e.g., Mega, Dropbox), online apps (encrypted note-taking, task managers), browser accounts (Mozilla, Vivaldi), and mobile phone accounts (iOS, Android). Which type of email should I use for each?

 

[Sampei.Nihira]

Now, let’s say I want to use email addresses for the following services: banking, government services, charities, online forums, RSS readers, newsletters, social media, LinkedIn, cloud storage (e.g., Mega, Dropbox), online apps (encrypted note-taking, task managers), browser accounts (Mozilla, Vivaldi), and mobile phone accounts (iOS, Android). Which type of email should I use for each?

Tuta Mail: 1 GB of free storage = online banking
For all other requests, you'll have to figure it out yourself.

 

[Marko :)]

Now, let’s say I want to use email addresses for the following services: banking, government services, charities, online forums, RSS readers, newsletters, social media, LinkedIn, cloud storage (e.g., Mega, Dropbox), online apps (encrypted note-taking, task managers), browser accounts (Mozilla, Vivaldi), and mobile phone accounts (iOS, Android). Which type of email should I use for each?

This is how I have it set up.

Flying.Trampoline.5310@outlook.com -> sign-in alias, only used for getting into inbox (random numbers to make it hard to guess)
John.Doe@outlook.com -> alias used for highly important things (government, banking, etc.)
John.Doe.00@outlook.com -> alias used for important online activity (online accounts, cloud storage, sync accounts and such)
John.Doe.2000@outlook.com -> alias used for online shopping

JDoe2000@gmail.com -> e-mail address for reputable online forums and communities
JDoe2000@protonmail.com -> spam and non-reputable sites

Obviously these aren't my real e-mail addresses, just examples.

 

[lokamoka820]

This is how I have it set up.

Flying.Trampoline.5310@outlook.com -> sign-in alias, only used for getting into inbox (random numbers to make it hard to guess)
John.Doe@outlook.com -> alias used for highly important things (government, banking, etc.)
John.Doe.00@outlook.com -> alias used for important online activity (online accounts, cloud storage, sync accounts and such)
John.Doe.2000@outlook.com -> alias used for online shopping

JDoe2000@gmail.com -> e-mail address for reputable online forums and communities
JDoe2000@protonmail.com -> spam and non-reputable sites

Obviously these aren't my real e-mail addresses, just examples.

That’s an excellent example, thank you. I particularly liked the inclusion of numbers; they establish a clear sense of priority for each account, which is far better than using randomly generated names, as you mentioned earlier.

 

[Marko :)]

Glad I could help!

Sort your aliases and online accounts this way, use the security measures I mentioned in my first post and chances of getting hacked are tiniest. Just keep in mind that cookie theft are still a thing, and no account protection measure could save you from these. That's why the most important thing is only to access your online accounts from safe and clean PCs and other devices.

None of my online accounts were ever hacked because of this philosophy. As a member here on forum would say—stay safe, not paranoid! (you know who you are )

 

[Acadia]

Firefox and DuckDuckGo both offer free email mask services:

Firefox’s free email mask service got a massive update

Firefox Relay used to allow you to hide your real email address behind just five disposable ones. Now that number’s jumped dramatically.

www.pcworld.com

Acadia

 

[TairikuOkami]

How many email addresses do you personally use, and what’s the purpose of each?

0. A government email - Primary communication
1. Outlook (paid, priority support and thus a recovery possible via official channel using a real name, credit card, address, etc) - Sensitive accounts (banking, healthcare)
2. Gmail - Online shopping, real address is required for shipping, so it makes sense in combination with the real location and also used for official social media (real name)
3. GMX - Temporary sign-ups and unofficial social media (nickname)
4. Proton - Side quests and VPN

Do you recommend aliases vs. separate accounts, and why?
What’s the minimum setup that still provides strong privacy and security without becoming unmanageable

Just like you need at least 2 banks and 2 cards, if one fails or is having a maintenance, at least 2 emails are recommended, if one gets banned, hacked or lost.
I once lost access to gmail and it was a pretty difficult situation, but I did not have everything tied to it, so I managed, though I used it as google login, that was bad.
Another reason for separate accounts is spam/phishing protection, I forward them, since each email provider uses a different AV and filtering. GMX > Gmail > Outlook
I have Proton, Gmail and GMX emails pretty much public, they all leaked, but I hardly receive any spam, it is not as bad as decades ago. So I would say that less is more.

Any tips on managing recovery emails and avoiding lockout risks

I do not store passwords with backup codes for sensitive accounts in a password manager, only in triple encrypted files, in multiple locations. I use 2 separate 2FA apps.

 

[lokamoka820]

Glad I could help!

Sort your aliases and online accounts this way, use the security measures I mentioned in my first post and chances of getting hacked are tiniest. Just keep in mind that cookie theft are still a thing, and no account protection measure could save you from these. That's why the most important thing is only to access your online accounts from safe and clean PCs and other devices.

None of my online accounts were ever hacked because of this philosophy. As a member here on forum would say—stay safe, not paranoid! (you know who you are )

Yes, the structure you mentioned is very helpful. I used to follow @Parkinsond advice: creating accounts with disposable emails whenever needed and saving them in my browser’s password manager. If I lost access (e.g., switching browsers), it wasn’t an issue since I could just create a new account; my main accounts are safely stored in a dedicated password manager. However, I’ve found that some of these 'disposable' accounts become useful long-term, and I want to keep them organized without losing control. Creating a unique alias for every service feels like a hassle, but your approach keeps everything organized and manageable simultaneously.

0. A government email - Primary communication
1. Outlook (paid, priority support and thus a recovery possible via official channel using a real name, credit card, address, etc) - Sensitive accounts (banking, healthcare)
2. Gmail - Online shopping, real address is required for shipping, so it makes sense in combination with the real location and also used for official social media (real name)
3. GMX - Temporary sign-ups and unofficial social media (nickname)
4. Proton - Side quests and VPN

That’s another great example! Out of curiosity, why do you and @Marko prefer Outlook > Gmail > Proton? Isn’t Proton Mail more private? Does it have security flaws or usability issues compared to its competitors?

 

[simmerskool]

my email practices evolved over the past 30 years or so. I use aliases from various sources, details omitted to protect the innocent.

 

[TairikuOkami]

Isn’t Proton Mail more private?

I would say that is the issue, it is designed for a specific purpose and it likes to encrypt everything, which might cause issues. I could not use it for all my services.

Does it have security flaws or usability issues compared to its competitors?

It seems a bit cumbersome and bloated, since it connects multiple services, but not in a friendly way. I consider it as a spam email and I do not trust it to be reliable.
I used yandex and mail.ru before, but because of politics, I had a hard time receiving emails and proton is something similar. It is not a real email service like posteo.de

 

[Marko :)]

Yes, the structure you mentioned is very helpful. I used to follow @Parkinsond advice: creating accounts with disposable emails whenever needed and saving them in my browser’s password manager. If I lost access (e.g., switching browsers), it wasn’t an issue since I could just create a new account; my main accounts are safely stored in a dedicated password manager. However, I’ve found that some of these 'disposable' accounts become useful long-term, and I want to keep them organized without losing control. Creating a unique alias for every service feels like a hassle, but your approach keeps everything organized and manageable simultaneously.

That is my issue with these disposable alias services. It's hard to keep track which disposable alias belongs to which website. I find my method much better and easier to follow. Also, Outlook.com and Gmail support plus addressing. I'm not using it though because some websites don't support + symbol in e-mail address field.

Even if someone breaches into one of my online accounts, they are limited to that one online account. Other accounts and e-mail inbox stay secure because no one knows Flying.Trampoline.5310@outlook.com is my sign-in alias except me.

That’s another great example! Out of curiosity, why do you and @Marko prefer Outlook > Gmail > Proton? Isn’t Proton Mail more private? Does it have security flaws or usability issues compared to its competitors?

Tagged the wrong user. Gosh @Marko will have A LOT of notifications if he ever comes back here.

Jokes on the side, there are many reasons why I prefer Outlook.com as my personal mail service. First reason is it was the only one that had my firstname.lastname format available for registration. I was too young and by the time I got internet access at home, same format of e-mail address on Gmail was already taken by someone else. I knew sooner or later I'll need a serious looking address in the future and firstnamelastname791292847189@gmail.com simply wouldn't do it. I mean I wouldn't hire myself if I sent a job application and CV from this e-mail address. It literally looks like spam e-mail.
Microsoft transitioned from Hotmail.com to Outlook.com in perfect time and I was able to snatch firstname.lastname@outlook.com as well as some other connected usernames. I used (now my primary) e-mail for registering everywhere when I was young as I didn't really think about clean inbox, but fortunately GDPR came in force and all companies I registered to started sending out mails asking for permissions to continue using this mail as a contact. That gave me perfect opportunity to delete all these accounts I wasn't using as I forgot where did I use this address for registration. When life gives you lemons, you squeeze them and make a lemonade.

As years went, Outlook.com started to mature as a service and added more features than competitors, including Gmail. While Gmail offered limited number of aliases, I could create huge amount of them on Outlook.com. Because I was the early user, I got to keep 30 GB of storage which is double of what Google offers. I'm not sure if Google offers it now, but Outlook.com was the first one that let you change default alias and decide which one you want to use for signing in which massively contributes to your account security. Today, pretty much every popular corporation uses Microsoft 365 hence Outlook.com for mailing and that means Microsoft needed to step up in security from which we also benefit. If Gmail added additional domains, I'd for sure snatch a mail with my first and last name, but I wouldn't make it my primary still as Outlook.com offers more benefits.

Now... regarding Proton Mail. It is more private and secure... on paper. Encryption they brag about only works if you're messaging another Proton Mail user. If you e-mail anyone else, mails are sent unencrypted. There is an option to send encrypted mail, but it all falls down to link being sent in message which recepient needs to open in order to see the mail—totally unpractical. Most people will think it's some kind of scam and delete mail. If you compare user number of Outlook.com, Gmail and Proton Mail, Proton has really tiny amount of users. None of my acquaintances use Proton Mail, heck, none of them probably never heard for it. Beside, pretty much every single Proton Mail basic feature was removed from free plan and pushed into premium plans. And I'm not using e-mail that much it would be worth to pay for service. This is why I'm not a huge fan of their services in the first place.

Sorry for the essay.