Moving email addresses out from one provider and creating another one is more difficult than moving phone numbers (in the latter case, number portability could help, if available).
What exactly can an average/common end user do for such incidents, even if it is to avoid them in the future? I use different passwords across accounts, with all of them being somewhat complex or very complex.
I have looked at a few different paid service providers before, but they're all very expensive. Expensive for me is anything that charges more than $20 per year, or worse, charges that amount or higher for every single email address/alias on a domain. My use of email for personal purposes is writing about a handful of emails in an entire year, but on the receiving side, I get a lot of emails - most of them somewhat commercial in nature (like online orders, bank statement notifications, marketing newsletters I've explicitly signed up for, etc.). I also have several email addresses, each one used for a different purpose and with some overlap across them.
It seems like web hosting has become extremely cheap over time whereas email hosting has stagnated on the price front for a long time.
Moving to a new email address (and taking all your existing mails with you to the new inbox) is actually far easier than changing phone numbers.
Almost all (old) providers let you set up a mail forwarding (to the new provider). But even better, several services let you set up some fetchmail-like program where it imports all the messages from the old provider, e.g. via POP3 or IMAP, and even deletes them with the old provider, if you want.
Nevertheless, I fully agree with you that email services are much too expensive. Given the current market prices, Fastmail, for example, is great and worth its money.
We're told to spend some money on good quality software and services.
But: If I (and even more so the average non-technical user) pay 99 USD/year for Dropbox, 50 USD/year for Fastmail (because you want your own domain), 10 USD/year for the actual domain (separately), 100 USD/year for my quality newspaper subscription, etc. -- and all this is just for one person in my famile (i.e. me) -- you soon end up not having enough money for the "real" things in life.
> [...] pay 99 USD/year for Dropbox, 50 USD/year for Fastmail (because you want your own domain), 10 USD/year for the actual domain (separately), 100 USD/year for my quality newspaper subscription, etc.
I went for Mailbox.org, you get 25 GB for email AND 25 GB for documents, all for €4.50/month, about $60 per year. You also get calendar/contacts/tasks with web based apps for all of the above, plus word processor and spreadsheet.
They support open standards (CardDav/CalDav/WebDav) so you can choose among several clients on any platform, and they seem to have a good track record with regards to privacy.
This, however, is offset by the fact that my "quality newspaper" subscription is about AUD $350/year, LOL
Disclaimer: I am not associated with Mailbox.org in any way, just a happy customer (at least for now!).
For me FastMail's customers service has been better than Google Apps.
And had fewer issues in general with FastMail. Google Apps has some crazy limits, like on the number of IMAP connections or email aliases, you can't normally change the primary domain, you can't setup an abuse@ alias, etc, etc. and contacting Google Apps support doesn't do more than for them to tell what's already written in the docs.
And I mentioned in another mail, but FastMail's IMAP import and POP3 links work, whereas this functionality is broken for Gmail and Google's support won't help you ;-)
My experience has been entirely the opposite of yours. Fastmail has excellent (and personal) customer service whereas getting ahold of someone at Google is nearly impossible.
Truth be told, with Google Apps you get phone support and email support usually answers withing 24 hours in my experience.
Problem is they couldn't help me much when I had problems. Google Apps has serious limits and contacting support won't help you get around those limits. Most of the time support just tells you what you can already find in their online docs.
They only solved two issues for me: (1) when I wanted to change my primary domain, after 2-3 months of asking them repeatedly, they finally enrolled me into this beta programming and finally changed my primary domain. And (2) when I upgraded to the annual subscription and then changed my mind, they reverted me to the flexible pricing. On the other hand they couldn't even help with with an import gone wrong.
With FastMail I have had a good experience thus far.
> They only solved two issues for me: (1) when I wanted to change my primary domain, after 2-3 months of asking them repeatedly, they finally enrolled me into this beta programming and finally changed my primary domain.
Were you on the grandfathered free tier? It seems to be quite trivial to change the primary domain if you're on a paid tier.
No, I was on the paid tier. If you're talking about September 2016, maybe. I was talking about 2015, being just an example of how Google's support was unhelpful.
Google has absolutely no customer support whatsoever. I don't know anything about FastMail customer support, but it's hard to argue it's worse than no customer support.
Unless customer service means something different than customer support. What does it mean?
Personally, I use Google Apps for Business and since a few months ago Hangouts doesn't work correctly any more. It's almost unusable at times.
What can I do? Who can I complain to? How can I escalate this? Absolutely nobody can help me.
Once I figure out a feasible transition plan from Hangouts, I'm done with doing business with Google.
I guess I'm the outlier here. I signed up for a paid personal account while trying to sign up for a business account. The custom domain option being available for a personal account threw the wrench in my plans.
The tech support rep who answered barely understood their platform and kept giving me incorrect instructions. It took a long while on the phone with that rep to get the account moved to a business account.
I have had good luck with fastmail.com, but at $30/year for the entry-level option it sits in what you classify as the "expensive" category.
For a dedicated service with keen developers and ongoing product development (yay U2F support), great and accessible support, reasonable expectations of privacy, it has been well worth it. YMMV, of course.
I've been using fastmail. I don't necessarily like it better than gmail, especially since I use hangouts for most of my conversations. however I outright dislike their mobile app, it won't load with no internet connection, like it doesn't cache anything. so maddening. I've been using it a few months paying $5/mo, but will likely discontinue it soon.
Thanks. That $20 a year was just an approximate amount. I wouldn't mind paying a little more.
I've seen Fastmail recommended multiple times and have looked at it. Considering that I would actually want at least three or four "users" (access wise), the plans are quite expensive. The fact that each user can have up to 600 aliases (which sounds great and is useful) doesn't matter much to me since the billing is per user (as opposed to some kind of mix and match of users and aliases). This makes their business model not suitable for my needs.
Zoho has a free, ad-free service¹ that allows: 1 domain, 5GB per user e-mail hosting, and 5GB per user document storage for up to 25 users. Pricing seems reasonable beyond that. They provide incentives in the form of additional users for referrals (my referral code: WX7yxEKy). They also support 2-factor authentication.
I love how every time a company is compromised, everyone pops with their own "uncompromised" service offer.
As if, this one would never get compromised and they were much better at it. Except they probably aren't. Bet the devs have all keys on their "work" laptop (you know, the one with stickers that they take home, to starbucks, on vacations, watch their movies on, etc.) (like everyone elses is doing)
I think it's useful information. Many people are not aware of alternatives.
Plus, it would be better for all concerned to have 25 smaller companies with 20M accounts each than one company with 500M accounts. Less of a security monoculture, and fewer eggs in a single basket when it does get compromised.
From a user's perspective, although it may be less convenient, it's probably healthier to use a bunch of services offered by a bunch of different companies than to work with a single company for all digital needs.
I tried to sign up for Zoho a few months ago. Absolutely nothing in the signup process worked. I just got messages to "try later." So I gave up after about a day of peridocally retrying.
On the flip side, I did that and while generally it's been a positive experience, providing your email address over the phone has become huge pain!
I definitely took for granted how easy it is to say to someone "first initial + last name at major email provider . com", instead of "really easy first part at custom domain, wait let me give you the phonetic alphabet equivalent, no just the letter b, not actually the word bravo... . io - yes io, item oscar, it's the indian ocean. Yeah I'm sure it works"
When I first went to get the domain for my main/personal email address, the .COM wasn't available...And I just didn't have an interest in the .NET or .ORG. So I went with .CC. I thought, "Hey it seems neat, slightly different (at the time) but not too weird, and its one letter shorter for people to type!" ...Or so I thought. Boy, has it been annoying with some people. Admittedly over the years it has become slightly easier, though there is the occasional exercise almost exactly as you described above, spelling it out as if to an infant.
I supposed the audience on HN is likely tech-focused, but even today (september 2016), there are so many "civilians" out there who are NOT exposed to non-.COM domains, its quite surprising. So many people that you would think have by now been exposed to some technology - hey they use advanced mobile phones, "smart tvs", etc. - and they look at you stunned if you bring up an email address with a TLD from outside the U.S. I'm living here in U.S., but if you want to really stump some people give them email addresses like the following:
This sounds good, but in my experience americans wants everything spelled out. Every time I need to communicate a common name, or common-word domain, or anything like that, they always ask me how to spell it.
"Hi, my name is Kate", "How do you spell that?". WTF!
And they get it wrong anyway. My partner's name is "Andreea", with a double 'e', and she always makes this fact very explicit, but in 95% of cases they will input it in their systems with a single 'e'.
My name is unusual, but it's one letter off from a usual name in my country. The bank has my correct name in their record, of course. But each time they email me, they use the wrong name. They sometimes even emit me new cards in the wrong name! When I complain, they ask very surprised and say that they are aware that the name in the system is what it is, but they thought it was a mistake, so they decided to emit the card in a different name! Unbelievable! This has happened with multiple banks.
Nobody seems to have any trouble with "jon@jrock.us", other than spelling "jon" wrong. I think one time someone at American Airlines said "oh, that's neat". Otherwise, nobody cares.
I would hesitate to recommend using a personal domain for email. It's more complex and worse for security.
In addition to securing access to your email provider (Gmail for example), you now have to secure access to your domain provider too. And even if you do your best, they might fall for social engineering because they take phone calls--like in the famous @N hack:
This hack involves 2012 passwords, according to the Re/code coverage. If you've still got the same password, that's a problem. If you're changing passwords every year or so, your vulnerability drops.
Two-factor identification on any account that involves your money is a good idea, too.
It's true that this hack was in 2012, but the information lost is not only passwords but also account information like name, addresses, other linked email addresses, etc. So those who changed their passwords after this hack still have something to worry about.
True, but if you've got any internet presence at all, it's already pretty straightforward to associate your name and email address (or addresses). Tools like Datanyze, Spokeo, SellHack, etc. do that routinely. Having 120 million Yahoo records available for mischief (without current passwords) makes things slightly worse, but not much.
Right, but it still needs an email service provider to point to (and I wouldn't want to run it myself for various reasons). And the providers I've seen are expensive (for me).
You also get 1TB of storage with that, and unlimited storage with 5+ accounts. I do this for my family, and we all have unlimited backups and custom domain email.
Luckily, I do have a grandfathered plan where I can use Google Apps for my domain for free. But as I mentioned in another comment, I'm trying to reduce my linkages with Google, Facebook and others for privacy reasons. That's one of the reasons why I don't use that much (the other issue is dealing with changing my email addresses with everyone else I've shared those with - ad based free email providers like Yahoo do not offer mail forwarding out of their platforms for free).
I personally use Gmail as an IMAP client for my domain's mailbox. I get the convenience of webmail + the ability to move my data elsewhere if I wish to.
I've been trying to reduce my footprint with Google, Facebook, etc., for privacy reasons. I love Gmail's spam filter, and am ok with some of the annoyances in the webmail interface. But the privacy part makes me feel uncomfortable.
Just because you move to a paid email provider doesn't mean that provider won't get hacked. In fact, the resources at larger companies like Google could provider better protection.
Perhaps the benefit of being at a paid email provider is that they have a much smaller number of accounts, so they are a less attractive target for hackers.
You're missing the point. Paying for your email means you own your domain and email address, so you have the freedom to move to another provider if the current one proves to be incompetent.
Also, in case you have problems, it's impossible to reach Google's support, unless you're a Google Apps customer. It's also near impossible to reach Yahoo's support too. I know because I've been there. If you don't pay, you don't get any support.
"Better protection" is a fairy tail if you can't talk with somebody in case your email goes missing or in case you suspect you've been hacked.
They appear expensive because the expectation in people's minds is that email, and most online services are free.
Personally I find email to be the most important online service. Everything depends on email. While I can live a non luddite life without Netflix and Dropbox and cloud VMs, and Facebooks, I quite literally can't live my normal life without email.
For me, it's more important than a phone. Because of this, I would expect to pay less for a mobile plan than for email, but even with "expensive" email service, the situation seem reversed.
If the idea of paying for online services were more entranced in people's mind, there would be more competition and there would be email providers offering services at any price point. Now we only have free email, and "expensive" email, for "those" people.
Thanks. I've looked at it before and like the privacy part very much. But it's quite expensive for my needs since I would have to get a few ProtonMail Plus accounts, taking the cost to a couple of hundred dollars a year or more.
I considered both before choosing one. Ended up going with Protonmail because:
* The folks behind Protonmail are also heavily involved in the OpenPGP.js project. Interop with plain PGP from non-Protonmail accounts is on their roadmap and a feasible future feature. AFAIK that's not on tutanota's roadmap and they use a different customized crypto library, so all you'll ever get is e2e encryption with other tutanota users.
* Proton's mobile app is a top-rated android mail app, and pretty good even compared to iOS's Mail app.
* IMAP support is also on Protonmail's roadmap, but not something I miss due to the good mobile app.
* The tutanota.com and tuta.io domains are dorky and hard for other people to remember.
Thanks so much for pointing this out. I had never heard of it before and had a look. It looks good and has a team whose values I identify with. What's more, it has flexibility in billing that looks quite attractive (users, storage, aliases, etc.).
Unfortunately, it does not support IMAP or POP, which I prefer just to have local copies of mails as a backup.
A paid account looks appropriate (and would help the company stays in business), but it's a bit pricey for my needs (though not as much as other providers who don't have a lot of flexibility on users/storage/aliases).
I will try the free account to experience it firsthand.
Number portability helps you keep your same number with a different provider, I don't think it's relevant when you're talking about switching numbers. Also, email forwarding is easier to set up than call forwarding, and just overall I think switching email addresses is easier.
I've had a Yahoo email for years and then got fed up with it so got a Gmail one and set Yahoo to forward to it. Works for me and I think Gmail is fairly secure. Yahoo seems kind of bad security wise. It's all free now though I used to have to pay Yahoo to forward.
I create a new email address for every new service I have, with a different password. I literally have 120 different emails that all funnel into the same email address via forwarding.
I tried to do that for a long time. It's nice until you forget exactly what your email is with say, Company X Industries when trying to reset your password. Was it CX@domain.xyz? CXI? CompanyXIndustries? That example is silly but this came up frequently for me. And was super awkward when giving out my email to a CS rep over the phone or "Can you confirm your email address for me?" Me: "something that ends with XP84.cc, I forgot."
Password managers have made this somewhat less painful, at least on the Web, as opposed to "Apps" which refuse to implement the API for using the password -- and username -- stored in your keychain.
What exactly can an average/common end user do for such incidents, even if it is to avoid them in the future? I use different passwords across accounts, with all of them being somewhat complex or very complex.
I have looked at a few different paid service providers before, but they're all very expensive. Expensive for me is anything that charges more than $20 per year, or worse, charges that amount or higher for every single email address/alias on a domain. My use of email for personal purposes is writing about a handful of emails in an entire year, but on the receiving side, I get a lot of emails - most of them somewhat commercial in nature (like online orders, bank statement notifications, marketing newsletters I've explicitly signed up for, etc.). I also have several email addresses, each one used for a different purpose and with some overlap across them.
It seems like web hosting has become extremely cheap over time whereas email hosting has stagnated on the price front for a long time.