
Ask HN: How do you “un-Google” your digital source of truth? - dinkleberg
(Sorry if the title doesn&#x27;t make sense, I&#x27;m struggling to put a word to the important place that a Gmail account has in most peoples&#x27; lives)<p>After seeing some harrowing stories of people having their google accounts banned, I&#x27;m increasingly concerned about how important my Gmail account is in my life.<p>Essentially everything digital I have is tied to my Gmail account. Many services even use two-factor auth tied to email, so were I to be locked out, I would be locked out of all of these services.<p>So it got me thinking about what the safest &quot;source of truth&quot; would be if I were to switch away from Google. Privacy is nice but more important is reliability since losing that loses everything.<p>In the ideal world, self-hosting your email would be a good option, but you risk reliability there.<p>It seems to me that the best solution is to use a personal domain rather than an @gmail.com account since if you get google-banned for whatever reason you can just point your DNS at another service.<p>Not completely without risk, it&#x27;s easy to accidentally uncheck the auto-renew button with your domain provider. But you do have the option to add many years at a time, so it is easy to deal with that.
======
ta0987
I have the same question.

The problem is picking a company you can be confident in for both:

1\. Competent security

2\. Good support

Google meets 1. but fails at 2. Every time this topic comes up there are many
suggestions meeting 2, but without any arguments or evidence that the
suggestions also meet 1.

According to HN security guru tptacek the top three most secure companies are
Google, Apple, and Microsoft. (Paraphrasing from memory, any errors are my
own.)

Apple and Microsoft both have retail locations unlike Google, which could in
principle be used as a last resort for recovery, but I don't know if they
actually are. Without good process and training that could open a weakness
from social engineering, similar to SIM jacking at cell phone shops.

Does anyone here know if Apple, Microsoft, or any other company meets both 1 &
2?

Does anyone here know if Apple or Microsoft account can be recovered at retail
locations with an ID? And if that process is social engineering resistant?

Edit: the thing to consider with self hosting is that there is no such thing
really. You have to register your domain somewhere. What is _that_ provider
using to authenticate you? Not saying you shouldn't have your own domain, just
that it's also a thing that can be lost or attacked. You also have to run your
VPS or server somewhere. Do you own a datacenter? Do you have a backup
generator and redundant internet at your house? Not saying you must but
there's always trade-offs.

------
chrisked
Buy your own domain, dns, and email. DNS made easy is low cost and very
reliable. For email use Fastmail. Amazing product.

