Today I’ve been metaphorically running around, changing the listed email address on my online accounts to one of the new ProtonMail(external link) ones I made. I still have many yet to change, but it’s interesting the wildly different experiences I’ve had. Some scattered thoughts:

  • Most sites want me to verify the new address, but some just take my word for it. (More disconcerting is when sites don’t send any kind of confirmation email to the new address at all – I’m pretty sure I didn’t type it wrong, but until I get an email, how can I be certain?! I end up doing something random to trigger an email so I can breathe easy.)
  • A few sites have wanted me to enter my password or do a 2FA challenge before or after reaching the “change e-mail address” form. Most haven’t. (But then again, I haven’t set up 2FA on many sites – I know I know, that’s next on my list! 😜)
  • One site wanted me to confirm from my original email address that I was initiating the change, which seems like a good way to thwart account hackers, but would be annoying if you’d lost access to that original account.

As for why I’ve finally bothered to make this change, I found this blog post(external link) a very relatable read. I, too, first got a Gmail account when you needed an invitation and the amount of storage they offered seemed revolutionary. These days, I realise that the cost of me having my email there is Google mining my data, and I’d prefer the cost of a small sum of money to maintain more privacy. (Acknowledging that this is not a choice open to everyone – although ProtonMail does offer 500MB storage with a free plan, which would do for some things.) If anyone else is thinking of making the switch, this is not a bad how-to with some points to consider(external link).