No + required. There are hundreds of companies offering aliases using their shared domain.
Comment on God ****** dammit, here we go again
stealth_cookies@lemmy.ca 3 weeks agoI hate how many places don’t allow for + aliases. I want to know who leaked my email.
artyom@piefed.social 3 weeks ago
CodenameDarlen@lemmy.world 3 weeks ago
Even if your alias is leaked they can remove the + part and it’ll lead to your original email.
Fmstrat@lemmy.world 3 weeks ago
+aliases are convenience aliases only. They are often stripped from ID datasets. Better to use a real alias.jagermo@feddit.org 2 weeks ago
I use my own domain with a catchall, works like a charm
T156@lemmy.world 3 weeks ago
At the same time, it is trivially easy to strip a + alias, so I’d not trust it to do anything much at all.
Miaou@jlai.lu 3 weeks ago
If you use aliases for all services, it makes it slightly harder to automate trying one leaked email on another site, since the hacker needs to add the new alias on the other service.
No one is going through of all these credentials manually, so any extra obscurity can actually bring you security in a pinch. Although if you have different passwords this shouldn’t matter much…
Anivia@feddit.org 3 weeks ago
No, you just run a simple Regex on both combolists and are done. It literally takes seconds