How do you decide how much to "layer" your services or use multiple services?

Skip to paragraph 2 if you don’t care about my situation/where I’m coming from.

I’m just now getting into the privacy game. There are a lot of tools in the Recommended Tools section that I’ve been enjoying browsing. I’m one of those people who is probably going to ride a middle line with all of this, both for my sake and my family’s sake. We’re switching over to Proton Mail and Signal for communication, but we’re still going to use Google Photos for photo sharing with our extended family, for example. We’re probably also going to continue using Firefox, rather than the Mullvad Desktop and Brave Mobile combination that is mentioned on this site, due to the ability to sync bookmarks between PCs and Android devices.

What I’d like to know is, when it comes to all the available services, how do you decide how many to layer on top of each other? For instance, I can create multiple Proton Mail “addresses” or aliases or whatever you want to call them. But I could also use Simple Login for that. But then I’d be paying for two services. But they’d be layered, which could theoretically be better.

Same thing for DNS and VPNs. I originally used Mullvad VPN when looking for my Linux ISOs. Then the site pointed out that that doesn’t provide anonymity. Okay, so I can use Tor browser for that, PLUS either Mullvad or Proton VPN (seems pointless to pay for both again), on a Linux device that has nothing on it except for the browser, that is connected to my guest network, etc, etc, etc.

Lastly, like I briefly mentioned in the previous section, what about multiple services? I’m paying for Proton now, so why continue paying for Bitwarden? Why continue paying for Mullvad? Why continue to buy/use Yubikeys? Why not condense my passwords, authentication, and email under one service? It seems like a very very bad idea to do this, yet Proton offers all of them, so it seems like they think it would be fine.

What do you think about these questions?

I am a little confused by what you mean in terms of layering. In your example you mention Proton and SimpleLogin. They are owned by the same company, but even if they weren’t, what would you be accomplishing? Is there some benefit you are looking for when you talk about layering?

Again, I am confused. Why do you need anonymity to download a Linux ISO?

This seems pretty subjective. I think you should take some time to figure out what you want from each service. For example, with Proton and Bitwarden: do you have a need for two different password managers? If no, maybe go with the one that makes the most sense for your family.

It might really benefit you to go through the Knowledge Base and see if that answers some of these questions.

1 Like

> I am a little confused by what you mean in terms of layering. In your example you mention Proton and SimpleLogin. They are owned by the same company, but even if they weren’t, what would you be accomplishing? Is there some benefit you are looking for when you talk about layering?

That’s what I was asking: would there be a benefit? The recommendations recommended both email alias services AND Proton Mail. I found that strange, since you can seemingly do the same thing with Proton alone; you wouldn’t need something like Simple Login or Addy to achieve it… so why does the site mention both?

> Again, I am confused. Why do you need anonymity to download a Linux ISO?

I don’t need it for that specifically, I was using that as a fill in phrase for things we don’t talk about here.

> This seems pretty subjective. I think you should take some time to figure out what you want from each service. For example, with Proton and Bitwarden: do you have a need for two different password managers? If no, maybe go with the one that makes the most sense for your family.
>
> It might really benefit you to go through the Knowledge Base and see if that answers some of these questions.

I don’t need two different password managers, I was mainly wondering if it was a security vulnerability to have it all in one place. Having everything on one website on one login seems very convenient.

I did go through the knowledge base, fully, and while it answered some, it didn’t answer these specifically. As for my threat model and “goals,” I’m after ultimate security for daily use, full protection and anonymity for anything that I do online that I would like to have that for, and finally, I want to protect against the unknown future of data harvesting, especially when it comes to my kids.

That’s the thing. I have no idea what I’m protecting against because we don’t know what’s coming.

You probably don’t need to continue paying for these other services unless you want to (except for Yubikey; I don’t see how paying for Proton is relevant to Yubikey). Reasons you might continue paying for these other services are that:

  1. You prefer not to ‘put all your eggs in one basket’
  2. You like these services better than what Proton offers.

In computing we want defense in depth. The more layers you have of defense, the less susceptible you will be to common attacks. So yes, the more layers of defense you have, the better it is.

But on reading your post, it seems you are actually concerned about service redundancy. Yes Proton seems to offer all-in-one solutions but to elaborate on

The theoretical situation is that Proton bans you for whatever reason; let’s just say they made a mistake and thought you were a bad person. Because you got all your services from only one provider, you now don’t have access to your emails, password and email aliasing services, etc.

So you want them a bit spread out so that if a random ban lands on you, you are not completely crippled online.

This is true. At least for me, I protect myself from this by at least keeping my PM separate and offline using KeepassXC/DX, and backing up my files on an external HDD as well as ProtonDrive. Email is not extremely critical for me, though I would hate to lose ProtonMail, ProtonDrive, and ProtonVPN.

1 Like

I might be wrong, but I think one of the Proton premium services comes with SimpleLogin, so you would not need both. It is beneficial to use an alias instead of multiple emails, as it’s a way to filter out emails going to your main email while also not having to provide any of these services that actual email address, while also removing trackers and other things from the email before it gets to you.

Ohhh, you mean you sail the high seas. Gotcha! You don’t need Tor for that. Any of the recommended VPNs would be fine. Proton is especially beneficial if you like to seed your Linux ISOs, as it supports port forwarding.

1 Like

It might be helpful to read this help article from Proton, which notes the limitations of the “additional address” and “+alias” features native to Proton Mail, as well as the advantages of SimpleLogin aliases over the former.

My guess is that it has something to do with Proton supporting hardware security keys only when logging in to their services via desktop or mobile browsers: How to use a 2FA security key to protect your Proton Account | Proton

@Balsamic3361 could you elaborate on your original question regarding Yubikeys?

1 Like

With regards to my question about Yubikeys, my point was mainly that originally, we used Bitwarden + Authy. Bitwarden could do authentication codes, but Bitwarden itself had MFA on it that I wouldn’t be able to access without the codes inside…so we kept using Authy and Bitwarden separately.

When I realized the superiority of Yubikeys for hardware authentication, I moved everything over to that. I guess I was mainly confused why Proton even offers authentication stuff when it seems more secure and less likely for you to get locked out of your accounts if you used a separate service for it.