Our email addresses play an important part in our online activities so it is vital that we ensure that they are safe and secure. It is not just receiving and sending emails that require our email addresses, they often form an important part of our online identity. How often do you use your email address to sign into online shops or services and are you sure that your email addresses have not been compromised?
We are all so reliant on our email systems to communicate with the world and organize our lives so if someone gains unauthorised access to our email accounts they will acquire knowledge about your life and finances that could bring considerable harm. It is vital that strong and unique passwords are used for your email account logins and for the best security, using two factor authentication is highly recommended.
Email addresses for our online identities
Before explaining how your email address plays an important role in your online identity, it may be helpful to explain the basics of how websites and apps verify that you are who you say you are so that they can trust you with access to their services.
There are generally three steps to online verification: identity, authentication and authorisation.
Depending on your country, you will have been given some form of unique code by your government that follows you through your life and uniquely identifies you from everybody else. In the UK once someone reaches the age of 16 they are given a National Insurance number. In the USA, for example, citizens are given a unique social security number.
Once you can identify yourself using a unique identifier such as your National Insurance number, it is vital to prove that you are who you say you are by providing some additional personal information that is only known to you. For example, when communicating with a government agency they will ask for your National Insurance number, along with your name and address, but will also ask you to verify who you are by asking for additional information such as your mother’s maiden name or your date of birth.
In the online world we don’t use our government identifiers for security reasons, but generally use our email address for our identity and a password to verify and authenticate us.
Once a user has been identified and authenticated they will be given authorised access to the appropriate level of online services.
As your email address plays a large part in our online identities, it is therefore vital that the safety and integrity of our email address is maintained at all times, but what are the risks to our identities if our email addresses are compromised?
Compromised email addresses and passwords from hacked websites
Unfortunately, there is an increasing number of websites that have been hacked which can give the hackers access to the thousands, or even millions of email addresses and passwords (pwned) when they gain access to user databases. Huge databases containing millions of user login details are published and traded on the dark web, so if your login details were stored in a website that subsequently is hacked, it is highly likely that they are now available to criminals.
It is for this reason that you should always use different passwords for every website that you register your details with.
If you are concerned about the safety of your email addresses, there is a free online service that allows you to check if your email has been compromised in a data breach. You simply enter your email address and that site will report if it has been released into the dark web after a website that you have used has been hacked.
Email compromised – what should you do?
If your email address is part of a data breach then you need to change your passwords on all your important websites that use that email address for login identification. This is because potential criminals may well have access to your password, either in encrypted (hashed) form, or, if the hacked website has not taken care of your details, even in plain text.
The lesson to take away from this is that your email address plays a vital role in your online identity. It is an unfortunate fact of life that many websites with large user databases get hacked releasing millions of login credentials into the wild. Look after your email addresses and always use different strong passwords for every website that you register with.