[throwDec21]

I just gave up using a custom domain - do you really need it? Sure it was cool 10 years ago but no one really cares any more, but the main reason I gave up because I was worried someone would hijack the domain to take my 2fa emails. One less thing to worry about.

[itake]

I’m more concerned about google kicking me off and I lose access to everything. No password recovery. No one can contact me.

All it takes is an algorithm to false positive on my account over anything and I lose everything.

They would need to break into my domain host to do that and that is 2fa.

[i67vw3]

https://merecivilian.com/apple-broke-up-with-me/

[croutonwagon]

I still use one. Granted it’s on a grandfathered google apps free account (or workspace now).

I see that as a net INCREASE in security. Google cannot now summarily shut down my access and rob me of accounts/emails. If they did so I could move my mail to a different service or just temporarily self host.

Mfa is still the same google auth as a gmail account. And the registrar (Hover) is MFA enabled as wel, using not only my primary account but a backup just in case.

Ultimately I have more control. And I’m not subject to having my account held hostage by a company with a history of pretty poor support responses that can’t be handled by algorithms.

[throwDec21]

I just assumed they can kick you off just as easily, but maybe I'm wrong.

[croutonwagon]

They can. But I own the domain and dns. So I can go to any alternative I want (protonmail, mail in a box, or even another rapid service)

[colanderman]

Not discounting the risk of hijacking; but owning a domain means you own your identity -- it is not tied to the whims of an application service provider.