{"id":19859,"date":"2019-12-29T16:01:46","date_gmt":"2019-12-30T00:01:46","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=19859"},"modified":"2019-12-29T16:01:46","modified_gmt":"2019-12-30T00:01:46","slug":"secure-email-process-maclurker","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2019\/12\/secure-email-process-maclurker\/","title":{"rendered":"MacLurker Returns \u2014 Secure Email Decision and Migration"},"content":{"rendered":"<p>Dorothy, aka MacLurker in the <a href=\"http:\/\/podfeet.com\/live\" target=\"_blank\" rel=\"noopener noreferrer\">live chat room<\/a> and in <a href=\"https:\/\/podfeet.com\/slack\">our Slack<\/a> returns to give us an update on her quest for a new secure email service.  She told us about the quest back in  <a href=\"https:\/\/www.podfeet.com\/blog\/2019\/08\/dorothy-email-search\/\">August 9, 2019<\/a> and now she explains how she made her decision and what she&#8217;s doing to migrate to the new system.  Dorothy is extremely thorough and process-driven, which is really interesting (at least to a nerd like me!)<br \/>\n<!--more--><\/p>\n<h3>Recap (where I started)<\/h3>\n<p>What I want to accomplish: change to a secure email provider that would get me privacy &amp; anonymity. Get rid of old compromised email address &amp; start new. Improve email sorting &amp; storing. Develop a consistent email schema that separates critical emails from non-critical.<\/p>\n<h3>What\u2019s been done since then<\/h3>\n<h4>Email provider search<\/h4>\n<p>I started with Bart\u2019s list of Google alternatives for email. Then did some research, asked questions. I created a template in MS Word to be used for all candidates to ensure that a consistent set of data was collected for each one. And so comparisons were easy. Pasted in review data here also.<\/p>\n<h4>Criteria for selection<\/h4>\n<ul>\n<li>Annual cost<\/li>\n<li>Can import contacts\/addresses &amp; how<\/li>\n<li>Can use native MacOS &amp; IOS email client, supports POP (Post Office Protocol) and IMAP (Internet Message Access Protocol)<\/li>\n<li>Can encrypt in transit &amp; at rest &amp; how is it done<\/li>\n<li>Company\u2019s priority is privacy, no tracking, no sale of data<\/li>\n<li>Responsiveness (if I sent in a question, how long until I got answer?)<\/li>\n<li>Reviews<\/li>\n<\/ul>\n<p>Some providers have a free trial period. You sign up, get all the features, but only for 30 days or so. The trial period varied. Others had a free limited feature you could use as long as you wanted, but need to pay to unlock advanced features.<\/p>\n<h4>Final criteria list<\/h4>\n<p>I narrowed the options down to 3, which were all very similar.<\/p>\n<ul>\n<li><a href=\"https:\/\/tutanota.com\/\">Tutanota (Germany)<\/a><\/li>\n<li><a href=\"https:\/\/mailfence.com\/\">Mailfence (Belgium)<\/a><\/li>\n<li><a href=\"https:\/\/protonmail.com\/\">Proton Mail (Switzerland)<\/a><\/li>\n<\/ul>\n<p>Also I looked at Runbox, thexyz, and iCloud Mail.<\/p>\n<p>No reason not to use any of them, so I went with my feelings &amp; picked at random. No regrets yet.<\/p>\n<p>I did not get a new personal domain name, as Bart suggested.  This would make changing email providers easier in the future. Mainly skipped this because it would be an added level of complication with which I just did not want to deal with right now. Plus I\u2019m lazy. I may regret that decision later, but we\u2019ll see.<\/p>\n<h3>Signing up with new provider<\/h3>\n<p>First I created a test plan:<\/p>\n<p>Steps to setting up &amp; checking out a new email provider:<\/p>\n<ol>\n<li>Sign up with new provider. 2FA enabled.<\/li>\n<li>Go through all set-up options available &amp; set as desired.<\/li>\n<li>Read User&#8217;s Guide<\/li>\n<li>Send some emails back &amp; forth for initial test. Tweak settings as needed.<\/li>\n<li>Buy subscription (to get advanced features like whitelist, filters, &amp; aliases)<\/li>\n<li>Create alias for bacon (spam that I&#8217;ve requested).<\/li>\n<li>Create folders &amp; filters for sorting incoming email<\/li>\n<li>Test web access from IOS devices: iPhone &amp; iPad<\/li>\n<li>Set up Mac OS email client to get emails. Test emails to &amp; from. Test sorting into appropriate folders.<\/li>\n<li>Set up IOS email client on iPhone. Test emails to &amp; from. Verify get notifications. Confirmed ease of reading &amp; writing email from iPhone with new provider.<\/li>\n<li>Repeat with iPad.<\/li>\n<li>Change one not-important login to new email. Verify receive messages OK.<\/li>\n<\/ol>\n<h3>Process for changing emails<\/h3>\n<h4>Get list of accounts to be updated from 1Password<\/h4>\n<p>I used the Export function from 1Password (without passwords): File -> Export<\/p>\n<p>You can output your 1Password entries as CSV (comma-separated), TSV (tab-separated), or 1pif (1Password format). If you choose CSV or TSV, you can export specific fields (and not passwords). I selected CSV.<\/p>\n<p>Select one vault. Select which records (or all) to export, then which fields to export. Common Fields list includes: notes, password, title, type, URL, username. But you can select \u201cAll Fields\u201d &amp; get all 140 fields. NOTE: remove password. You don\u2019t want that in an unsecured file.<\/p>\n<p>I selected: title, tags, URL, Username, Vault, Notes.<\/p>\n<p>I added additional columns of my own: New email address, if 1Password would need changing, date of update. I plan to fill these in as my change-over proceeds.<\/p>\n<h4>Import into Excel.<\/h4>\n<p>Now I have list of accounts to update. If I want to use aliases, I can assign here and sort as needed. I can use tags to help classifying, adding new ones as needed.<\/p>\n<p>Also, I can now identify accounts that can be deleted.<\/p>\n<h4>Excel file becomes change-over checklist.<\/h4>\n<p>Initial pass: change those that can be changed online. Note those that can\u2019t.<br \/>\nSecond pass: contact organization &amp; request change\/deletion. So far I have requested that two accounts be deleted. I received a response that the deletion was done.<\/p>\n<h4>Process for each account<\/h4>\n<ul>\n<li>Select an account to update<\/li>\n<li>Add to note in 1Password: old email\/username in case I need to go back, new info if username = email.<\/li>\n<li>Log into account. Locate page to update email &amp; user name. Sometimes not easy to find. Look under \u201cMy Account\u201d, \u201cSettings\u201d, \u201cProfile\u201d. \u201cManage Account\u201d.<\/li>\n<li>Do changes. Sometime website requires verification of new email, sends an email to new email address with link to verify. Need to verify arrives OK, not logged as spam. Occasionally I had to add to whitelist so verify email arrived. <\/li>\n<li>Save changes in 1Password: username (if possible), email for sure.<\/li>\n<li>Log out &amp; back in to verify can still get in.<\/li>\n<li>Add notes, date of change, to Excel check-list. Indicate: change or deletion successful, no 1Password change required (where user-name was not email &amp; no email on file there), if unable to change something (&amp; what, if follow-up needed).<\/li>\n<\/ul>\n<h3>Problems encountered<\/h3>\n<p>Some accounts use email as username. So changing email means changing username; so 1Password change required.<\/p>\n<p>Some don\u2019t allow username to be changed on line. Can be a security problem. Some experts say you need a unique username as well as a unique password for each account. So if you suspect your login has been stolen, it would be nice to be able to change both username &amp; password.<\/p>\n<p>Some don\u2019t allow email to be changed online.<\/p>\n<p>For these, I will probably have to contact each organization individually &amp; see if they will change it for me. May have to delete the account (losing data in the process) &amp; make a new one to get change done.<\/p>\n<p>Another problem: I\u2019m getting bacon type emails on the new system. Like online store notifications. Previously I had these turned off in preferences. It looks like changing the email causes those preferences to be changed. So that added another step to the update process: check email preferences.<\/p>\n<p>I need to note other orgs that need my email &amp; not necessarily a login. I&#8217;ve been noting these as they occur to me. Examples: vet, doctors, newsletters subscribed to, library.<\/p>\n<h3>Current status<\/h3>\n<p>I&#8217;m now working through 142 logins, per the above process. About 67% complete. New system working OK, but things confusing now because using 2 systems of email. That should clear up as I proceed.<\/p>\n<p>I change 3-4 accounts a day so the task is not too overwhelming. I anticipate that it will take a month or so to finish. Final clean-up may take longer as I find things\/logins I missed. I\u2019m starting to get a feel for how things will work with the new system &amp; liking it so far.<\/p>\n<p>I will probably keep my old email addresses at least a year to ensure that everyone is updated.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dorothy, aka MacLurker in the live chat room and in our Slack returns to give us an update on her quest for a new secure email service. She told us about the quest back in August 9, 2019 and now she explains how she made her decision and what she&#8217;s doing to migrate to the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[147],"tags":[305,849,3668,3632],"class_list":["post-19859","post","type-post","status-publish","format-standard","hentry","category-blog-posts","tag-1password","tag-email","tag-ocd","tag-process"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/19859","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=19859"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/19859\/revisions"}],"predecessor-version":[{"id":19941,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/19859\/revisions\/19941"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=19859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=19859"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=19859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}