Introduction
Do you struggle to come up with unique usernames for all platforms and end up using your email address for convenience? Do you find yourself targeted by spam emails and phishing attacks frequently? If so, consider whether using your email as a username is a good idea in the first place. This article explains the pros and cons of this practice and recommends some better alternatives.
Risks of Using Email Address as Username
The practice of using your email address as your username when creating online accounts can expose you to various threats.
-
Exposure to Cyberattacks
Using your email address as a username increases the risk of hacking and targeting by spam and phishing attacks. Hackers can more easily obtain your email address from platforms such as online forums and social media if it is used as a public username. -
Compromised Identity Across Multiple Platforms
If a hacker gets their hands on your email address, which is also used as a username, they only need to guess your password to compromise your account. This puts all your accounts at substantial risk. The situation becomes more concerning if you also use the same password across all platforms! -
Privacy Concerns
Avoid disclosing any personal information in your email address. It can reveal details about your organization, interests, location, and birth year. For example, email addresses ending in "@fb.com", "[email protected]", "@yahoo.cn", "[email protected]" can provide cybercriminals with the information needed to create a fake account in your name or send phishing or scam emails.
When Not to Use Your Email Address as a Username
There are scenarios where using your email address as a username may put you at a significant risk.
-
Platforms with Public Usernames
Some online platforms make your username public, mainly using it as a unique identifier; examples include Reddit and Instagram. In such scenarios, it is essential to avoid using your email address as a username. Some platforms provide the option to keep the username private. Always check if this option is available and set your username to private. -
Signing Up on Untrustworthy Websites
Caution is necessary when signing up on untrustworthy websites. Do not use your email address as a username if the website doesn't seem legitimate. If the website only allows email addresses (which some websites do for verification purposes), consider using a temporary one that can be disposed of later.
Alternatives
Below are some helpful tips for creating unique and secure usernames.
-
Create a Unique Username
We strongly recommend using unique usernames across all your online accounts. Using the same username for all accounts can become problematic if a hacker obtains it. They can use it to create fake accounts in your name. Your password should be random and not something that can be easily cracked, such as your birthday or pet's name. -
Store Credentials in a Password Manager
It is not feasible to remember unique usernames for different accounts and platforms. It is estimated that an average person has more than 200 online accounts! That's why it's important to use a password manager. Use a secure password manager such as NordPass to save all your credentials. -
Create Secondary Email Addresses
What should you do if the platform you're signing up for only accepts email addresses as usernames? In such scenarios, use a secondary email address instead of your primary one. Create distinct secondary email addresses for various purposes, such as gaming and online shopping.
How to Stay Secure Online
Creating unique usernames for your online accounts is a definitive step towards a safe online experience. Here are a few ways to incorporate even further online security.
-
Enable Two-Factor Authentication
Ensure that 2FA (Two-Factor Authentication) is enabled on all your online accounts where this option is available. 2FA is an authentication system that requires a second piece of information, such as a code on your mobile, in addition to your login credentials when signing in. Passwords can be leaked in data breaches if the platform has not implemented strong security measures. Enabling 2FA provides an added layer of security, ensuring that hackers cannot access your account even if they obtain both your username and password. -
Check If Your Email Has Been Compromised
Your account credentials and other personal information can be exposed in a data breach. How can you find out if your credentials were leaked? You can find multiple tools to check this. One such tool is Have I Been Pwned.
What to Do if an Email Is Compromised
You should take immediate action if your email address is found in a data breach. You can mitigate the damage caused by the compromised email and other leaked information, such as passwords, usernames, and credit card numbers.
-
Change Passwords
Promptly change your password for the compromised account. Also, do the same for other accounts where you signed up using that email address. -
Enable 2FA
Enable two-factor authentication to ensure the hacker cannot access your account. 2FA protects your account even if your credentials, such as username/email address and password, are compromised. -
Monitor Your Accounts for Suspicious Activity
Check your accounts for any unusual activities, such as unauthorized credit card transactions or emails being sent from your address without your notice. -
Inform Your Contacts
Hackers often use breached email accounts to send spam and phishing emails. Inform your contacts to be alert to any suspicious emails from your email account. -
Contact Your Email Service Provider
Contact your email provider so they can help you recover your account or freeze it.
Conclusion
Don't put your digital security at risk by using your email address as a username for sign-ups. Instead, use unique and strong usernames that are difficult to crack. Hackers are always searching for vulnerabilities, so it's wise to have strong security measures already in place, such as two-factor authentication and a unique username and password generator.
