gmail popularized email subaddressing, also known as the plus (+) trick, and is now supported by most email providers. allows you to create a new email address by simply adding the plus sign (+) to your current email address.
For example, if your email address is name@email.com, you can quickly create a new email address like name+facebook@email.com for facebook, name+twitter@email.com for twitter, etc. .
Here’s a closer look at the pros and cons of using the plus sign trick, especially when compared to email aliases.
advantages of the plus sign trick
The main advantage of the plus sign hack is that it is easy to use and is readily available.
If you use email filters, the email sub-address is also very useful. for example, you can set up a filter to move all emails sent to name+groupon@email.com to the promotion folder.
with subaddresses, you can create an unlimited number of email addresses – just add something after the plus sign and you have a new email address.
If you’re a developer or work in QA, being able to quickly create a new email address is very helpful when testing a website or application.
what are simple login email aliases?
An email alias is simply a forwarding email address. emails sent to an email alias are forwarded to their original email address.
Similar to the plus sign trick, simple login allows you to have a different email address for each website: simply create a new email alias each time you need an email address.
Usually an email alias only allows email forwarding, but with simplelogin, you can also send or reply to email from your email alias.
currently there are 4 ways to create a new email alias in simplelogin:
- if you are on a laptop/pc, the firefox or chrome extension allows you to create a new email alias by clicking the simple login icon in the email field. you can also use the context menu to create a new email alias.
-
using one of the simple login apps: website, firefox/chrome extension popup or android/ios app for further customization. this is the most flexible way and offers advanced options.
create email aliases on the fly through the catch-all domain. if you own a domain, you can enable the general option that allows you to use can_be_anything@your-domain.com as your email address – it is automatically created when an email is sent to this address.
create email aliases on the fly via subdomains: In case you don’t have your own domain, you can use a subdomain provided by simplelogin. any@your-subdomain.simplelogin.com will be created the first time you receive an email.
email address with plus sign trick is not good for privacy
Although handy, the plus sign trick is well known and your real email address can be easily extracted: just remove the part after the plus sign. For this reason, if your sub-address shows up in an email leak (which you can easily verify at https://haveibeenpwned.com), a bad guy can extract your real email address and use it for a spam/phishing campaign or to match other data leaks.
Email addresses containing the plus sign are sometimes (incorrectly) considered invalid. worse, a website can silently remove the part after the plus sign and use your real email address instead.
if you use gmail, you can’t reply also from the subaddress. when you reply to an email sent to name+newsletter@gmail.com, the reply will come from your real email address name@gmail.com
email aliases protect your privacy
an email alias is random and there is no way to link 2 email aliases to the same person.
For email aliases created with a catch-all domain, they can only be linked if the domain is known to have catch-all enabled. there is no way to detect if a domain has this option enabled or to know how many people are using a domain, a bad actor usually ignores these email addresses entirely.
For email aliases created via the directory, you can use a separator other than the plus sign to reduce the chance of your email aliases linking to each other. simplelogin also supports the pound sign (#) and forward slash (/) as a separator, and in future you can also use the directory as a subdomain (ie newsletter.simplelogin.fr). then you can use newsletter/python@simplelogin.fr, newsletter#python@simplelogin.fr or python@newsletter.simplelogin.fr as the email address.
email aliases reveal who is selling your data
If you use a different email alias for each website and one of your aliases starts receiving emails it shouldn’t be receiving, you can be sure this alias was leaked or sold.
for example, if your email alias for facebook receives emails from linkedin, that means facebook has sold your data to linkedin or they have had a data breach. either way, you can disable this alias. your real email address remains hidden.
Data brokers, a $200 billion industry, use your email address as a common denominator to match users across different data sets. having thousands of email addresses makes your job harder and your privacy better.
email aliases are more flexible
With email aliases, it’s easy to change where emails are forwarded to. you can simply add an additional mailbox so that every email sent to your email aliases is forwarded to both mailboxes.
You can also have a more complex setup, such as having an email alias for a shopping website that forwards to both your mailbox and your partner’s. or an email alias for your support team that allows anyone to receive customer requests and respond from the support email address.
additional protection
In popular email services like gmail, outlook, your emails are stored in plain text, which means anyone who has access to their servers can read your emails. Despite the fact that these services claim to have a strict policy and promise that they will never read your emails, scandals in the past have proven otherwise. With the recent twitter hack, an employee can be socially manipulated to leak data or leave a back door for hackers.
pretty good privacy (pgp) was created in 1991 as a way to encrypt your emails, texts, files, etc. used by edward snowden, journalists, dissidents… pgp is highly secure and almost unbreakable.
in pgp you have 2 keys: the private key that allows you to decrypt emails and that you should never lose. the public key is public (hence the name) which allows anyone who wants to send you an email to encrypt the email. only you can read the encrypted email.
simplelogin supports pgp and allows you to use pgp in email services that don’t natively support it. for example, you can pgp your gmail using browser extensions like mailvelope or flowcrypt and have simplelogin encrypt all email sent to your gmail.
security
Although primarily focused on privacy, email aliases are a good way to increase your security online. the email address is usually used with the password as the account credential. if you use a different email alias for each website, a bad actor now needs to know both your password and email alias to hack your account.
recommendations
With multiple advantages over the plus sign trick, email aliases are an excellent tool for protecting your privacy online. using a password manager is recommended to help remember email aliases used on different websites.
Sign up for a new simple login account to explore how email aliases can help protect your privacy online. if you’ve used email aliases in the past, you might be surprised how easy it becomes now ;).