• Alk@lemmy.world
    link
    fedilink
    English
    arrow-up
    55
    arrow-down
    3
    ·
    7 months ago

    Yeah. Even if they couldn’t hand over recovery emails, having a personal email as a backup to a “private and sensitive” email account is bad practice.

    • BlushedPotatoPlayers@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      7
      ·
      7 months ago

      But what do you do if that field is needed? A throwaway address won’t work as it’s easy to recreate. Buy your own domain and run a server?

      • Alk@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        edit-2
        7 months ago

        I don’t believe you need that field with Proton, correct me if I’m wrong. If you do need that field with an email provider, and you need complete opsec, use a different provider.

        • shortwavesurfer@monero.town
          link
          fedilink
          English
          arrow-up
          5
          ·
          7 months ago

          It wasn’t a requirement when I signed up several years ago, and to my knowledge, it’s still not required now. Just as long as you keep your email and password in something like a password manager and don’t fuck it up, you’re fine.

      • /home/pineapplelover@lemm.ee
        link
        fedilink
        English
        arrow-up
        10
        ·
        7 months ago

        I put the Simplelogin email alias as my backup mail. Which forwards mail to my proton, so I guess it isn’t really a backup. Even more so if you realize I need to sign into simplelogin with my protonmail account and protonmail owns Simplelogin.

      • Scrollone@feddit.it
        link
        fedilink
        English
        arrow-up
        7
        ·
        7 months ago

        No, domain names are tied to a person and, even if that person register the domain with fake person details, there will be a digital payment associated with the purchase.

          • asdfasdfasdf@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            7 months ago

            Which also isn’t private. In fact, it’s the opposite of private since it’s a public blockchain.

            • EngineerGaming@feddit.nl
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              7 months ago

              Yes, I am aware. But nonetheless it is far easier to use anonymously/pseudonymously than “traditional” payment. Like, exchanging BTC/LTC from Monero, and buying said Monero via a non-kyc method as well. And whatever protections you want to layer, depending on how much effort you think “they” would spend on you.

      • WaliBoi@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Proton doesn’t require recovery. But if you want recovery without email addresses, there’re multiple different ways from recovery phases to recovery phone number to even an encrypted recovery file you download onto a local device.