Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
IT Technology

1Password Adds Its Own 'Hide My Email' Feature (theverge.com) 36

1Password is launching a new feature to let users create unique email aliases for logins, much like Apple's iCloud Plus Hide My Email function. From a report: 1Password is partnering with Fastmail to bring its masked email feature to the password manager, giving all users the option of hiding their email addresses from apps and services. "Your email address is your online identity," explains Bron Gondwana, CEO of Fastmail. "If your credentials are compromised in a data breach, having a randomly generated email address adds a second line of defense because it can't be associated with your primary email address, and therefore, your identity." This new masked email feature will be ideal for registering accounts for temporary purposes, like a free Wi-Fi network. But they can also be used to hide your personal email address from any app or service as the aliases don't expire unless a 1Password user manually deletes them.
This discussion has been archived. No new comments can be posted.

1Password Adds Its Own 'Hide My Email' Feature

Comments Filter:
  • by PPH ( 736903 ) on Tuesday September 28, 2021 @11:14AM (#61841423)

    ... some user name @mouse-potato.com. It sure cuts down on the subsequent spam I receive.

    • by Anonymous Coward

      Fucking genius.

      $ nslookup -q=MX mouse-potato.com

      mouse-potato.com mail exchanger = 10 127.0.0.1.

  • Many sites often require you to validate new accounts with a working email address.
    • by NFN_NLN ( 633283 )

      They will own the domain and route the email back to you.
      This is fine until you realize you are now beholden to that service for password resets or account recovery in the future.

      • They will own the domain and route the email back to you.
        This is fine until you realize you are now beholden to that service for password resets or account recovery in the future.

        And of course it won't work on any site that specifically blocks signup with disposable email address, which from my own experience seems to be all the sites that I would actually want to use one for.

        • Simple. Create your own vanity domain, then use an email service that let's you use your own domain or manage your own email server (if you're a saddist) and create your own throw away email addresses.
          • by laktech ( 998064 )

            manage your own email server (if you're a saddist)

            was calculus hard for you in high school too? you're projecting your limitations.

            • by Pascoea ( 968200 )
              How's the view from up on that high horse?
            • Projecting nothing at all. What can you walk someone through doing? Getting a domain and signing up for Google apps for domains or some other service or installing, configuring, securing, maintaining a mail server, dealing with spam, etc. If anyone is projecting anything, its you and your lack of real world experience. Just another geek who doesn't realize the vast majority of the people have no clue how things work. I value my time and energy, managing a mail server is not where I want to put forth that
        • And of course it won't work on any site that specifically blocks signup with disposable email address, which from my own experience seems to be all the sites that I would actually want to use one for.

          Sure it will. Sites won't have any way to distinguish between dark.dog6868@fastmail.com (an actual address it just generated for me) and a user's canonical address. The address is valid for as long as you want it to be, you can send and receive from it, and there are no middleman intercepting your mail before it gets to you.

          What you and others are missing is that this "new" feature is simply a rebranding of email aliases at Fastmail, which many of us have been using in exactly this way for years. They've pa

      • by DarkOx ( 621550 )

        This is fine until you realize you are now beholden to that service for password resets or account recovery in the future.

        That part does not bother me to much - I mean that is just a matter of going though the accounts you have in the system logging into those services and updating your e-mail address with your real one; should you decide to leave 1Password before you actually do. That is just a matter a diligence..

        The more worrisome thing IMHO is someone at 1Password or someone who breaches 1Password now has a way to do account recovery on all those sites - because the vast majority of them don't require more than proof you c

      • They will own the domain and route the email back to you.

        You seem to be very confused (which I blame on the summary, not you).

        1) This works with your own domains if you have them. In fact, I've been using it with my domains for nearly a decade.

        2) If you don't own your domain then they already own the domain you're using for your email. After all, this is a feature being provided by Fastmail, a mail host, to their paying customers.

        3) Unlike with Apple's "similar" feature, no one here is acting as a middleman, intercepting your mail and then routing it to your real

    • What we're talking about here are Fastmail aliases, which are simply alternate email addresses that reach the same inbox (i.e. you get the mail, no differently than if you had given out your actual address). They're an existing feature I've been using for nearly a decade at Fastmail for exactly this sort of use.

      Let's say I own mydomain.com. When I sign up for ACME's site, I might give them acme@mydomain.com as my email address and then in Fastmail I'll create an "alias" named acme@mydomain.com that directs

  • This feature will cost you $36/year to $60/year plus you can't have your own local password vault (they recently stopped standalone licenses). So if there's an Internet outage and it impacts their service, then you're basically screwed - you have to first login to their site first in order to use this future. And the feature could also get removed in the future. Bitwarden, enpass are good alternatives.
    • 1Password data is cached locally, you don't need the net to access your passwords... It really matters when you need them to be sync'd.

      • Not exactly. 1Password will make you login before you can do anything with their app (including accessing passwords) regardless of any locally cached data. The Standalone version that they won't sell anymore provided a local vault option. So you're basically forced to login to their Cloud and have a vault be stored on their cloud (i.e. sync). If that dies, you're screwed. If the company goes out of business, then you're really screwed.
        • This is just plain wrong. The only time you ever log in to 1password is when setting up a new device. The rest of the time you're entering your master password to unlock the cache. The browser plugin will push you to the website to edit items, but viewing works offline without trouble. The desktop app will let you edit the cache locally and it will sync changes when it has a connection.
    • This feature will cost you $36/year to $60/year [...]

      Given that "this feature" is "email aliases", no, it won't.

      This is a front-end for creating email aliases at Fastmail, but Fastmail users are already able to create aliases in their user settings [fastmail.com] without ever using the new front-end. So you can safely cut 1Password out of the picture if you don't like them. Moreover, email aliases [wikipedia.org] are a fairly common feature for mail servers, so you can even cut Fastmail out of the picture if you're okay hosting your own mail server or would rather pay someone else who offe

  • by suso ( 153703 ) * on Tuesday September 28, 2021 @11:28AM (#61841513) Journal

    Can you say vendor lock in?

    • You can use your own domain. No lock-in there.

    • How do you figure? While there's a lot of marketing and incorrect comparisons going on here, this is nothing more than an easier method for managing email aliases [wikipedia.org], which are a common feature on many mail servers. Sure, these two products happen to be proprietary, but there's no lock-in with anything they're announcing. Also worth noting, Fastmail is one of the biggest contributors to open standards and open source software in the email industry. If you've done anything with email in the last two decades, od

    • This isn't vendor lock-in. If you had RTFA, you would have seen that this is merely integration with FastMail, meaning that one still has to have their own FastMail account for this. 1Password just integrates the FastMail functionality into 1Password's own interface.
  • Finally, something relevant for you to post in!

  • The catch is that you have to pay for a Fastmail account as well, which starts at $3 per month or $36 per year, same as 1Password. You'll get a 25% off the first year if you sign up for Fastmail through 1Password. It still lags behind the features and design of similarly priced competitors. LastPass provides a better experience, especially on non-Apple platforms.
    • Plus, 1Password will make you login before you can do anything with their app (including accessing passwords) regardless of any locally cached data. The Standalone version that they won't sell anymore provided a local vault option. So you're basically forced to login to their Cloud and have a vault be stored on their cloud (i.e. sync). If that dies, you're screwed. If the company goes out of business, then you're really screwed.
    • The catch is that you have to pay for a Fastmail account as well

      I know this might be odd, but some of us were already paying Fastmail. When it comes to data as important as email, many of us believe that it's important to be the customer, not the product. What you call a "catch", I call an aligning of incentives.

      That said, this is just a rebranding of Fastmail's existing email aliases, plus an integration with 1Password to make it easier to create them automatically, so it's not like this is really anything new or different. I've been using aliases to do exactly this fo

  • this should really be a self-service feature you can deploy and manage yourself.
  • "But they can also be used to hide your personal email address from any app or service as the aliases don't expire unless a 1Password user manually deletes them."

    So just like my 50 Gmail addresses? Why do people still use their real email to log-in to anything?

  • The company I founded had this feature back in 2005 [helpnetsecurity.com]. And because you could self-host, you weren't necessarily relying on a third-party cloud service.

You can be replaced by this computer.

Working...