This comprehensive guide outlines a robust strategy for managing digital accounts with emphasis on security, privacy, and significantly reducing online attack surface. The approach balances practical usability with strong security principles, acknowledging real-world trade-offs between security, privacy, and convenience.
Latest Version: For the most up-to-date version of this guide, visit the GitLab repository where it's maintained as a living document.
Account Migration: Highly variable - anywhere from 2 hours to 2 months depending on number of existing accounts, complexity of deletion processes, and implementation pace (2 hours/day recommended to avoid burnout)
Ongoing Maintenance: 5-10 minutes per new account, occasional alias management
Core Strategy Overview
The approach is built on four key principles designed to create defense-in-depth for digital identity:
Foundation Elements
Unique, Strong Passwords: Generated and managed by secure password manager for every account
Per-Service Email Aliases: Each online service gets its own unique, dedicated email address
Security Note: Always purchase YubiKeys directly from Yubico or authorized resellers, not from third-party marketplaces like Amazon. This reduces risk of receiving tampered or counterfeit devices.
Implementation Strategy
Phase 1: Account Audit & Migration
Begin with comprehensive cleanup of existing digital footprint:
Audit Existing Accounts: Review all stored credentials in current password managers/browsers
Delete Unused Accounts: Permanently close accounts no longer needed (reduces attack surface)
Export/Import Process: Transfer active credentials to Bitwarden securely
Persistent Deletion: Contact privacy teams for accounts that resist standard deletion
Granular Control: Easy to disable compromised aliases without affecting other accounts
Security vs Privacy: Understanding Trade-offs
Important Distinction: This guide prioritizes security over privacy:
Security: Protecting against breaches, credential stuffing, account takeover, financial theft
Privacy: Limiting data collection, tracking, and surveillance by companies/governments
Privacy Compromises Made
Paid Services: Financial paper trail from Proton Mail, SimpleLogin, domain registration
Smaller Providers: Potentially more vulnerable to government pressure than tech giants
Centralized Storage: All credentials in single password manager creates high-value target
Big Tech Integration: Still relies on Google/Apple services for certain functions (job applications, ecosystem benefits)
Practical Compromise Strategy
This approach acknowledges that perfect privacy is impractical for most people's real-world needs. The setup provides "practical security with reasonable privacy" by:
Prioritizing immediate security threats over theoretical surveillance concerns
Allowing ecosystem benefits of major platforms for specific use cases
Maintaining graduated approach: high security for critical accounts, convenience for less sensitive activities
Recognizing that security threats (financial theft) are more immediate than surveillance for most users
Real-World Limitations
Email Reply Complexity
Challenge: Replying to emails sent to aliases requires using SimpleLogin's outbox system, which can be cumbersome for ongoing conversations.
Workaround: Use Gmail/traditional accounts for job applications and recruiter communications where frequent email replies are expected. Use dedicated Proton Mail aliases for services requiring frequent interaction.
Alias Management Discipline
Challenge: Reusing aliases across services defeats the isolation purpose. If the same alias is used for multiple services and one shares your email, spam source becomes unclear.
Best Practice: Always use unique, service-specific aliases even for similar purposes (e.g., siteA-newsletter@domain.com, siteB-promo@domain.com).
Disaster Recovery Planning
Critical Balance: The more secure the setup, the easier it is to lock yourself out permanently.
Recovery Mechanisms
Bitwarden Emergency Access: Trusted family member with 24-72 hour delay period
Multiple MFA Methods: 3-4 different authentication options for critical accounts (YubiKeys, TOTP, SMS backup)
Physical Documentation: Sealed recovery envelope in safe with critical account information
Distributed Key Storage: Backup YubiKeys in separate physical locations
Testing & Maintenance
Never delete old email accounts until migration is complete and tested
Periodically verify emergency access and recovery procedures work
Ensure emergency contacts understand the process
Regular security reviews and key functionality testing
Cost Analysis
Proton Mail: ~$144/year (Unlimited plan with SimpleLogin Premium)
Custom Domain: ~$15/year (standard .com domain)
Bitwarden Premium: $10/year
YubiKeys: ~$200 initial investment (4 keys at ~$50 each)
Total Annual: ~$170/year after initial hardware investment
Key Insights
Security Through Compartmentalization: The core strength of this approach is isolating compromise to individual services rather than allowing cascade failures across entire digital identity.
Practical Security Philosophy: Perfect security that nobody can use is worthless security. This setup balances strong protection with real-world usability requirements.
Graduated Response: Not all accounts need maximum security. The system allows different security levels based on account importance while maintaining overall protection.
Living Document: Security requirements evolve. This guide represents current best practices while acknowledging ongoing refinement needs, particularly in disaster recovery planning.
Implementation Status
This guide reflects active use and real-world testing of the described security strategy. Areas for continued development include disaster recovery procedures, family/household implementation strategies, and enterprise integration considerations.
The approach has successfully prevented credential stuffing attacks, simplified breach response (immediate alias identification), and significantly reduced spam through email isolation while maintaining practical usability for daily digital activities.