The one thing most people completely underestimate is the value of their personal webmail accounts. You think your bank or web store is important? Well, have you ever noticed those oh-so-helpful "Forgot my password" functions? What do they do when you click that? They send you your password or they reset it at the least. Either way, if someone gets access to your e-mail account, they completely control everything you have on the Internet.

With access to someone's e-mail account, I can get to almost every other account they have online.

Besides the security risks, what about all your personal information? How many e-mails do you store online and how many years back do they go? Information about friends, family, business contacts; all things a bad guy who wants to do you harm could use.

Maybe you have a medical condition or a secret of some kind. Someone can use that for blackmail. What if they don't do anything that sinister and just impersonate you instead? If they send a virus from your account or scam your family into thinking you need money, chances are that your contacts will fall for it since it appears to have come from you.

That's why it's important to make sure that your e-mail account has one of your strongest passwords among your online accounts (if not THE strongest).

Read my passwords guide to learn what makes a good password and how to keep it safe!

angry_eggplant@nosuchmail.com

Have you every thought about the art-form that is picking an e-mail name? You have to choose one that no one else is using, it has to be creative or descriptive of you in some way, and not include too many numbers (angry_eggplant is creative, but angry_eggplant375253 is lame and hard to type too).

But there's more to it than that. If you're using an account for business, you'll probably want your business name or personal name. If you're using the account to sign up for religious, political, or hobby sites that you don't necessarily want people to associate with you for privacy reasons, using your real information is not a good idea.

Many e-mail services also let you choose a display name that is different from your e-mail address (which is how spammers can show up in your e-mail box as "Joe" when their actual address is eoi26@aoidjwd.net).

Whether it's your e-mail itself or just the display name, follow The Geek Privacy Principle: Never give up important data without a reason.

How to choose a good business e-mail name

First, decide how you want to use the e-mail account. Generally, only in cases where you are specifically using an account for a business of some sort would I say it's ok to use your real name. Even then, why list your full name when your first name and last initial (or the reverse) will do? Here are some examples:

• Jeremy D (jeremyd@nomail.com)
• J Duffy (jduffy@nomail.com)

Be careful that your e-mail name added with your display name don't give away everything such as in this case: Jeremy D (jduffy@nomail.com).

You can also get creative with your e-mail (which you usually have to do since there's probably a lot of people with your name that already have e-mail accounts). Maybe something like this would work:

• Jeremy (thegeekprofessor@nomail.com)
• Jeremy (onestopcomputing@nomail.com)

I know plenty of people who look perfectly professional with public e-mail accounts by using their business name as their alias and using the display name to make who they actually are more obvious.

And in the final case where you have your own domain name, it's pretty easy to create a good e-mail name, but don't over-do it:

Good

• jeremy@thegeekprofessor.com (not a real e-mail by the way)

Not Good

• jeremyduffy@thegeekprofessor.com (unless you don't care that EVERYONE knows your last name)
• Jeremy.G.Duffy@thegeekprofessor.com (is there ANY point to giving out your middle name or initial? I don't think so).
• CEO_Jeremy@thegeekprofessor.com (Way to paint a target on yourself. Prepare for Phishing and worse).

How to Choose a Good Personal Username

Real name and BIRTHPLACE!?

The first rule is to not use your real name or any other important information. At the MOST you can put your first name as your "display name" so people have an idea of who you actually are, but unless it's necessary, it's better not to.

The second thing is to think twice about what IS important information in the first place. Do you really care if everyone knows that you love dolphins? Probably not, but if you are trying to be anonymous, even that amount of information could be used to help uncover your true identity.

Also, if your e-mail name broadcasts the things you like, that can be used by someone to social-engineer you. Now, it might be paranoid to avoid something so innocent for a fairly low risk of being conned, BUT if someone were to contact you talking about how much they loved dolphins, remember that a con artist will start out by trying to build rapport and a good way to do that is to love what you love.

E-mail was the catalyst that turned a simple military communications effort into the monstrosity that is the Internet today. It turns out, people really like to communicate.

The problem is that there are many technical and social means by which bad guys can take advantage of you via your e-mail. Here I will present some some of the problems you will face and some tips for protecting yourself and others.