| Managing risk is more complex than just prevention by technical means. First you try to quantify the likelihood. For major email providers my estimation is the likelihood is actually quite low. Hundreds of millions of people have Gmail accounts and use them everyday. Same with Yahoo, Microsoft, etc. The vast, vast majority of people who use these services do not get locked out. In terms of prevention, understand what the service provider considers risky and compartmentalize. My personal Gmail accounts do not touch stuff that Google considers sensitive, like Ads or payments or IP (e.g. uploading to YouTube). For that work, I use other accounts. My professional Google accounts are tied to my work email domain, not Gmail. Finally, understand what recovery looks like. Seems like people often forget or underappreciate recovery (vs prevention). I use a password manager so I don’t need live access to email to log in. And for important services I log in regularly and/or use apps so chances are I’m authenticated right now. So in all those cases if I lost one email address, I could change to another in my account. And for anything truly important, like financial, I have others ways of contacting them. If I get locked out of Gmail I can still call my bank or broker, etc and re-establish access with a new email. |