|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
18 Jul 2016, 09:52 PM | #1 |
Senior Member
Join Date: Dec 2003
Location: Melbourne, Australia
Posts: 120
|
Home-made security
Is this a good security idea or is there a flaw in my logic:
. I want to be able to access my email on my smart phone, but don't want to risk 11 years of email spread over multiple folders falling into the wrong hands if I lose my phone or leave it on the train... So, I purchased a $20 a year FM subscription with a gig of storage. (even a $10 lite account will do the trick). I then created some rules on my main FM account choosing which emails are forwarded to myname-mobile@fastmail.com (i.e. my FM mobile app). Result: I get to read email from my main account with the assurance that my main Fastmail account can't be compromised. It's not rocket science, but it works really well... . Last edited by exactus : 21 Jul 2016 at 05:31 AM. |
18 Jul 2016, 11:04 PM | #2 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
|
19 Jul 2016, 01:38 AM | #3 |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,095
|
Your idea is a reasonable low-tech solution, but it should be unnecessary if your phone has good security.
|
19 Jul 2016, 12:49 PM | #4 |
Cornerstone of the Community
Join Date: Mar 2011
Location: ~$
Posts: 652
|
I've been doing exactly that for a couple of years.
The main account has 10 years of email history. I never log into it from untrusted computers. My smartphone counts as untrusted because of the ridiculous amount of permissions that every app seems to want these days, not to mention the risk of theft. (It's also an older model without a dedicated chip for encryption.) Some email gets forwarded to the "proxy" account. I read it on my phone, reply if I need to, and delete both the original and the reply immediately. The main account is automatically copied on any email I send from the phone, so I get to keep all my records regardless of what happens to the phone. If someone steals and unlocks my phone, they'll see at most a couple of recent emails, nothing more. The phone doesn't even have the account password, only an alternative login that can be invalidated at a moment's notice. |
21 Jul 2016, 07:43 PM | #5 | |
Cornerstone of the Community
Join Date: Jan 2003
Location: Oxfordshire, UK
Posts: 603
|
Quote:
Because of this, I am happy to have my (only) main email account on my phone as I can revoke access immediately if lost. I think the 2FA (that Fastmail will implement next week) effectively does the same thing (by requiring unique passwords for each client). |
|
22 Jul 2016, 09:17 AM | #6 | |
Cornerstone of the Community
Join Date: Mar 2011
Location: ~$
Posts: 652
|
Quote:
As for 2FA, I would trust it more if the second factor were something other than an app on the very same phone. Yubikey would be fine. |
|