Change Account Email?

starwolf
starwolf
Community Member
edited January 12 in Families

I've been using the same email address for my 1Password account for years. In recent years, this address has appeared in multiple data breaches (none related to 1Password). Since the email account itself has a very strong password plus 2FA, along with the rigorous MFA process required to add 1Password to a new device, I haven't felt it was necessary to immediately change it.

Nevertheless, I wonder if it would make sense to change my 1Password account to an email alias that has not appeared in any breaches (yet) and is used only for account logins...🤔

Would going through this process make my 1Password acct more secure in any meaningful way, or would I be jumping through hoops for no practical benefit?

1Password Version: latest
Extension Version: latest
OS Version: all platforms, latest version
Browser: various

Comments

  • GreyM1P
    GreyM1P

    Hi there @starwolf

    With 1Password, your email address is only used as a username and a means of contacting you. Ultimately, the security of your 1Password account comes from the combination of your Secret Key and account password, and has very little to do with your email address – it's just who you are as far as the server's concerned.

    If your email address has appeared in breaches, that doesn't necessarily mean that your email account itself has been breached. For example, if your email address was sam@widgetsincorporated.com and was mentioned in a breach for unifiedsprockets.net, you'd probably be OK, but if widgetsincorporated.com was reported as breached, that'd be a different story.

    It sounds like you already have a strong password and two-factor authentication for your email account, and that's definitely advisable. Unless you feel like your email account itself has been compromised, I wouldn't expect there to be any strong evidence to suggest that moving to a new email address is a necessary step.

    Hope that helps! :)

    — Grey

  • starwolf
    starwolf
    Community Member

    I appreciate the additional validation that there's no significant vulnerability from an exposed account ID. That email account is very secure—especially now that I'm using a private alias for login to the provider and my exposed address can no longer be used for login. 👍🏼

  • ag_tommy
    ag_tommy

    On behalf of Grey, you're welcome.