Need help about email addresses and cloud storage

(It’s gonna be a long story!)
Hello! I joined here a couple of days ago. I’m only 16 and trying to make my information as private as possible. I’m using my mom’s Gmail account and info to contact with you guys. I have mainly 3 gmail accounts. 1 is for all the social media accounts I have. It’s only for social media because Facebook or Instagram data breaches and hacks are very common. 2nd is for the peoples I can’t trust that much but I’ve no other choices and for logging in to my games… 3rd is for future purposes like business or something like that. I also need to be connected with my schools and teachers. So, I use that to do these works… Like joining Google classroom…
Now protonmail is more secure than all other options. So, I also created one. And planning to use it for personal communications and very important topics. Like as for my financial information. ( At this moment I don’t have any information that’s very important… But it’s for future). Now my question is: "Is this all correct? Or, should I have only 1 Gmail account to do all the stuff and move others to my protomail account. According to Rob braxman tech there is no use if I make my protomail account public… Like give it to everyone else I guess… And that’s the reason I decided to make 3 Gmail accounts and to separate them. And I’m thinking to use K9 mail instead of Gmail app to be secure. I’ll be using android but will cut down the access of internet to Gmail using netguard in my phone. And I tried using nextcloud to build up my own server but it didn’t go too well. So, I’m using mega for now and tried to use cryptomator but it’s paid. So, I can’t use it. And my exam is over so my mom will buy me Minecraft. I’m thinking to connect it with my 2nd gmail account because it’s data can also be leaked and it’s also a game and it’s also from mojang and Microsoft which I can’t trust. Please help me. Is my email strategy correct or I should change it & what should I do about my cloud storage? And about 2nd account to add Minecraft, is it correct. Please don’t ignore, help me. Thank you

1 Like

what you need right now is careful threat modeling, ohh and btw since you’re only 16, this is not legally advice, i’m not advicing you to do anything, i’m just telling you how i set up my accounts and online storage, whether you choose to replicate my setup , modify it or do nothing is entirely your choice. now that we got that out of the way, here’s my setup:

i have 3 main accounts:

  1. Work account : Gsuite gmail.
    This was given to me by the organization i work for, i use this for all internal communications, in your case, you can do the same with a school gmail address, but make sure you don’t use it for anything else and don’t login with this on your phone,
    Never login with Gmail on your phone directly, download k-9 mail (although i personally use fairmail) and set gmail up as an other email provider. and login to these accounts in a seperate firefox profile, which only has your logins, and isolate them further using multi-account containers extension in firefox.
    i use this email id for all work-related purposes and give it to all my co-workers

  2. Personal account : permanent
    this personal account acts as a catch-all mail address for all my aliases. i never share this with anyone on the internet or in real life, if i have a personal friend i want to communicate with , i don’t use email, i text them on whatsapp ( because no one in real life other than geeks use signal, it’s just the sad truth). this account i use to login to anonaddy, anonaddy allows you to have unlimited aliases and account as long as it’s not the @anonaddy.me/com domain, use a random word as your username and use it for everything you sign-up for, every single account you make goes to a different alias but all those emails come to this account.

among these aliases i have one gaming alias which i use for multiple services(epic, steam, etc) to access the account-related cross-compatibility features.

in case you want a personal email address for friends, then make another one, but don’t use that to sign-up anywhere.

  1. throwaway accounts
    for this i don’t have to make anything, but often times when my commitment for that account is low and the service won’t let me do anything without and account, i’ll use throwaway accounts for temporary email providers, the most private and ephemeral one is guerrillamail.com but it is quite slow in receiving emails, temp-mail.org works a lot faster and the website UI is a lot easier on the eyes, i use these temporary emails to login once and never again, i don’t bother deleting the account, i just forget i ever had it, it’s not completely anonymous, but it is isolated from my main identity (looking from the persepective of my threat model).

4.Professional email account: long-term
i have one more email account which is made on protonmail that is use for professionally, i have setup a different anonaddy account for this, and all work-related sign-ups (linkedin, fiverr, leetcode) are made using the aliases for this account, and this account’s actual email address i share with a selective few (co-workers i’m cool with, old bosses for referrals, that stuff)

Cloud storage:
cryptomator is free for me, i don’t know which version you’re talking about, so i use cryptomator to make a local vault on my system, and copy all my important files into it, now i have two copies on files on my system, one normally, which i work regularly, and one encrypted with cryptomator resting on my drive, now, i signup for google drive or mega (depending on personal preference) and upload this encrypted folder directly as if i would upload any other file, whenever i need my files on another system, i just download the whole folder from google drive and decrypt it by downloading cryptomator on that system and using my password, which is used to make the initial encrypted copy, you can replace google drive with any cloud provider, just make sure you’re using aliases and uploading everything in the cryptomator vault, not just selective folders.

Email providers:

You can really use any email providers for all of this, but i would recommend using gmail for school, because a lot of teachers and students can’t even fathom the fact that there could be email providers other than gmail in this world. and for the personal account, definitely use protonmail, because atleast they promise to not look into your email unlike google, and for the professional i use protomail because it gives me @proton.me domain which looks pretty cool and you can use anything.

hope this helped.
sayonara

4 Likes

I don’t see anything egregiously wrong with what you are doing.
For simplicity sake (and to stay away from Google) you could just use your Proton Mail and have a different email address for each sector of your life.
You’re doing the right thing with the compartmentalization. Just maybe do it all through Proton.

Depending on what tier of Proton you have, you could also use Proton Drive for your cloud storage needs.
I’m just a huge fan of simplifying life.

1 Like

Where are you getting Cryptomator from as it is FOSS (free open-source software) ?

You could look into NextCloud instances that are hosted by other people/companies. I would recommend using Cryptomator to encrypt your files before uploading and/or choosing a provider which supports E2EE (End to end encryption)

1 Like

it’s paid on iOS

1 Like

You got a lot going in your question. If your not degoogling your phone, use one google account for your phone and do not use it for anything else. There are a lot of guides out there for minimizing the damage with your phone and google.
If you must use google services i recommend a second device and a second gmail account for that work, nothing else.
I would not use that gmail account for anything, never ever after activation.

1 account for your phone, never use gmail except for activation on that device.
1 account for your other device, never use gmail except for activation of google services on that device.

Assume Google knows all on those two devices and get a degoogled device for everything else.

1 Like

I run NextCloud on https://cloudamo.com set up was ok.

1 Like

Cryptomator 2 on iOS (The newest one) is free to download. You can decrypt files for free but to encrypt files you have to make a one-time donation $9.99

1 Like

As @niceguy1234 mentioned, you need to do some careful threat modeling before making your choices. Specifically, what do you want to protect, and from whom do you want to protect it?

1 Like

I downloaded it from their website but when I try to use the app it asks for a license key. (I’m talking about the android app)

I’ve never had any experience with the Android app. It is a really good piece of software so you should consider using it on a computer as it is completely free on there (except for dark mode)

1 Like

Cryptomator for desktop is free but the mobile applications have a small one time fee. For the iOS version I use I think the fee just covers the App Store license cost. Presumably it is the same in the Play Store.

Just wanted to let you know that it is no longer necessary to have duplicate copies of your files on your computer to use Cryptomator. You can now directly mount the cryptomator drive in the cloud. I use Google Drive with Cryptomator.

One trade off is that I believe it is necessary to install the Google Drive application on your computer in order to mount the Cryptomator drive exclusively in the cloud. That is a trade off I am ok with for my preference/threat model. Your mileage may vary but just wanted to spread the word that cryptomator does not have to require doubling the storage used on your local system.

Wrong… if your email address is public, you can expect to receive more spam. Protonmail’s purpose is to use end to end encryption in storing your email, so even the email provider cannot read your mail and use it to target ads at you.

I am also a teenager, I would use Protonmail for sensitive communications like banking, healthcare, and stuff like that. I also use my Protonmail when emailing sensitive documents.

I think it’s okay if you have Gmail on your phone. I keep Google Play Services on so I can use Google Find My Device to locate my device if it’s lost or stolen. I find that using clients like K9 mail tend to be unreliable and can introduce additional security holes.

If you’re mostly using FOSS (free and open source) applications, you don’t need to worry about hidden tracking and data collection. You’re better off using the VPN profile on your phone for an actual VPN if you need to use one. MEGA is already end to end encrypted, so Cryptomator is not needed, unless you believe your MEGA account may be compromised.

You can use another email account for games and services that will spam you. I use Gmail as my professional email, because I think Gmail is the most professional domain name for email.

Just because you have 3 Gmail accounts doesn’t mean you need to use all of them. I have 2 Google accounts just for the Google Voice numbers and for Google Photos storage. I use Protonmail and MEGA for sensitive emails and file storage.

Hope this helps!

To me, (my opinion). Veracrypt is what I use. I therefore have three secured Protonmail accounts using the Tor browser. (After encrypt hardest password like ASCII, Then decrypt long passphrase, and you’re in.) Well, I have occasionally used Mail2tor with any website for unknown reasons. No one is aware of my email address, therefore. LOL.