And I don’t know any of them. Actually my current count is 63 email addresses, and all of them forward to my real email address. Here’s an example:

[email protected]

This is the only place I have ever posted this address and this is the only thing it will ever be used for, so I don’t need to keep it secret or use any fancy spam prevention tricks (unlike the 43k people who’ve viewed this stackoverflow question).

Everytime I sign up to a new website, app or mailing list I use a different, completely random and unpredictable email address.

There’s two main reasons why I do this:

1) Privacy - I don’t want marketeers, ad companies and other entities to link my accounts across different services. Not only do I try to avoid trusting private companies with my details, for various reasons, even the most well intentioned data controllers get hacked, and massive lists of email addresses appear online all the time. Using a different email address for every service also means I know who leaked it

2) Security - An email address is often the starting point for any targeted attack, and although it’s not usually considered as a factor, it is the 2nd factor required for most logins (email + password). Triggering important security processes (e.g. reset password, social engineering attacks) are trivial once you know someone’s email address. By keeping my email address secret I can signficiantly reduce the size of any potential attack surface, and if my email & password gets leaked, I’ll just change it or shut that account off and move on, it really doesn’t matter to me.

But how do I do this?

There’s a few different ways:

Using any of these methods in combination with a good password manager (I recommend BitWarden) will improve your personal security, privacy and help keep you safer online.

IdBloc is free for the first 50 email addresses you create, give it a try.

Discuss this blog post on hacker news here