Ever thought of this piece to the security puzzle?


You’ve heard it a hundred times at least. “Never re-use the same email and password on different sites.” A number of high-profile breaches, including the one reported by Namecheap.com yesterday, reinforce that good practice.

But … what if LastPass or KeePass are hacked?

LastPass and KeePass both encrypt all your passwords as you store them. Your account has one master password that unencrypts everything — without that one master password, all the hackers could get would be useless noise.

(Needless to say, your master password should be one you can remember while being secure at the same time.)

Most advice tells you to use something like LastPass or KeePass password managers so you can use a different, secure password on each site. That’s still great advice. If you haven’t signed up, go do that now.

But there is another piece to the puzzle. Your email address.

If you have your own domain and can set up email aliases, it’s easy to create a new email address for each site in addition to the strong, unique password. I’d suggest at the very least doing this for your banking and financial sites.

Want to be tricky? If you bank with Chase, for example, don’t set up “chase@yourdomain.com.” Call it “runawayfast@yourdomain.com.”

If you use GMail, it’s easy to set up unique addresses just by adding a suffix to your main email address. For instance, “MyName@GMail.com” for your banking site could be “MyName+MyBank@gmail.com.”

Bonus: having unique addresses makes it very easy to filter your email into folders so you can find it faster.

Want more security tips like this? I’ll be sharing lots of them on my live call September 22. Bring your security questions, too — I’ll answer as many as we have time for.

Disaster-Proof Your WordPress Website