STARTING OVER - email, phone number, all apple devices

Let me start by saying…I’m overwhelmed. I’m here because I’ve had a few instances of purchases being made on my mobile phone account (despite my use of 2FA) and I’ve gotten a number of notices lately about data breaches.

I need guidance. I’m going to have to break this all down into chunks and would GREATLY appreciate any and all help that can be provided to me. I’m strongly considering starting from scratch. As in - backing up important files, etc - then completely wiping my devices to factory and setting up fresh.

I need help with determining the best way to set up my email accounts and I may need to have a burner phone number. Finally, please give me some grace. My current situation cannot be changed - so I have to learn how to safely navigate within it until things improve.

ACCOUNTS

  1. I need a way to QUICKLY remove certain video and/or audio files from my phone, have them stored on some encrypted device or cloud service. As in - the second the file is made - it needs to get gone from my physical device. These are an absolute “break-the-glass-in-case-of-emergency” way for me to provide evidence to protect myself should I ever need it. If these files were accidentally found - I’d find myself in a very scary situation. The goal is to never need to access them and be able to wipe them from the face of the earth once the need for a back-up plan is gone. How do I do this?

  2. I need help figuring out how many email accounts or aliases or domains I need. Here’s what I think I need - perhaps someone can help me refine and simplify.

  • SECRET EMAIL for financial, medical, only accessed at home (Mac Studio) and I would not want 2FA to go to my primary phone number, in order to prevent anyone in my home from being able to use known personal info or access to my phone, to be able to access this email or those accounts. Strictly for me.
  • PRIVATE/PERSONAL ACCOUNT for communication with trusted friends & family, calendar, secure family documents, photos. Possibly would need an alias that I could use for things like communicating with schools, etc?
  • PRIVATE ACCOUNT (would this be my apple id?) for app purchases, for bills, paid subscriptions. Would using the “hide my email” service for each provider be advisable here?
  • JUNK ACCOUNT - signing up for sales, etc. Would also connect this account to dedicated number for SMS signups.

How do I handle giving an email to new contacts that haven’t quite entered the “circle of trust”?
Would you recommend creating an alias somehow for purchases that require an email?

I’ll be using the provided guides when I wipe my devices (mac studio, iphone, ipad, and apple watch). Please send me all the help and clarity you can so I can make my life safer and simpler. I feel like I’m all over the place on my questions and thought process here - because I don’t know what I don’t know. It makes my head hurt just thinking about all of it.

I’m a super visual person, so if you have charts/graphs to help with best way to manage photos, vital records, etc - I’d appreciate it.

ETA: I plan to use Bitwarden for password management.

I think most of us can relate to these feelings and have felt similarly overwhelmed at one point or another.

One thing that I think can be very helpful for avoiding these feelings of overwhelmedness is to take a step back and really think through and define your personal threat model and avoid thinking of problems and solutions in the abstract. (it’ll also make it a lot easier for people to provide relevant and useful help if it is clear what your threat model is)

Would you recommend creating an alias somehow for purchases that require an email?

I’d encourage you to consider an alias for almost everything.

It sounds counterintuitive but using a unique alias per account/service is one of the simplest and easiest e-mail strategies once you wrap your head around it. To the uninitiated it often sounds hopelessly complex, but then so did the idea of using unique random passwords per account before we all started using password managers.

It may or may not be a strategy that works for you, but the simplicity I get from unique aliases as my default decision is that it takes away all the thinking and indecision involved in strategies like the one you’ve outlined above with multiple inboxes/addresses for different groups of accounts. That is a valid approach, but it sets you up to have to consider (and second guess/feel indecisive about) which address to use for each new account. In a lot of cases that decision is simple and obvious, but in my experience there are also a lot of edge cases that could fit into different categories or don’t really fit into either.

For my mind at least (I tend to overthink things), it’s a lot simpler just to use individual aliases per account and per non-human-contact. It takes most of the thinking out of it. Basically the only question I need to consider when making a new account or giving out my email is “Is there a clear reason not to use an alias?”

The main cases where I don’t use unique/per-account aliases are:

  1. Personal contacts (living breathing humans, that I know personally)
  2. Core, important, true-identity accounts. (the type of accounts that necessarily know my name/number/address/etc, things like financial services, insurance, medical, tax stuff) Really I could probably use unique aliases for these as well, but for reasons real or imagined, I’ve felt more comfortable keeping these accounts tied to a single address.
  3. Any account that is really important to keep compartmentalized/very separate from your primary identity.
  4. A couple generic aliases I’ve created and committed to memory that I can use for any edges where I wouldn’t use a unique alias but also don’t fit into one of the other categories.

First - THANK YOU for such a genuine and thorough response.

I think I have 2.
TM1

  1. What do I want to protect?
  • personal bank account
  • private emails
  • private files
  2. Who do I want to protect it from?
  • potential in-home adversary
  3. How likely is it that I will need to protect it?
  • 100%
  4. How bad are the consequences if I fail?
  • if it’s discovered that a back-up plan exists, it could put my safety or access to finances at risk
  5. How much trouble am I willing to go through to try to prevent potential consequences?
  • as much as I can safely do without discovery
  • looking into yubikey options

TM2 (this is what I imagine most common people would generally answer)

  1. What do I want to protect?
  • important accounts that provide critical tools for daily life (banking, etc)
  • identity from general theft
  • my time
  2. Who do I want to protect it from?
  • unknown assholes?
  3. How likely is it that I will need to protect it?
  • likely
  4. How bad are the consequences if I fail?
  • I’ll have to waste more of my time and the little bit of energy I have on long, annoying phone calls trying to undo nefarious activity
  • could lose money
  • beyond that…I’m not sure I know.
  5. How much trouble am I willing to go through to try to prevent potential consequences?
  • I’m willing to implement password manager
  • willing to start new accounts
  • willing to snap the fingers like thanos and start over
  • I do still need to be able to use my existing apple devices without having to take too many manual steps regularly.
  • I need to be able to be efficient on the daily - keep up with things like school events, sports schedules, doc appointments, etc.

Also have a look at the common misconceptions page so as not to fall into common pitfalls.

For a known identity, generally enabling MFA (multi-factor authentication) and using a decent password manager is sufficient.

Unknown and anonymous identities become more difficult; the above page explains that.
