I want some opinions on how good this setup is.

Account 1/ Personal + Apple ID

  • Really only use the email itself for surfing the web and YouTube

  • I have alias emails for every website, newsletter, subscription, etc., that forward to my personal email account

  • Of course unique passwords for everything

  • I even have 2FA on my email aliases

Account 2/ Sensitive Info (ProtonMail account)

  • Only use this account for banking, insurance, medical, and investment

  • I even use aliases for this account as well, for anything I don’t 110% trust with my actual email

  • No one knows this email exists besides my bank, really

Account 3/ Professional & Work

Account 4/ Recovery (ProtonMail account)


Now for further security

2FA

  • All my accounts have 2FA on them

  • No SMS messages because that’s bad. For apps that offer 2FA but only SMS messages as an option, I still use it (it’s better than nothing)

  • When I can, I use an authentication app on my phone that’s secured with Face ID, which I also have backed up in an encrypted zip file stored in cloud storage that also has end-to-end encryption

  • I have backup codes for each account as well, which I never store digitally but keep on paper secured in a vault

Password Manager

  • I use Proton Pass as my default password manager and I love it! 2FA on accounts I care about and Face ID to access it

  • For things I want to be sure won’t get hacked so easily, I use the “double-blind password” strategy: basically saving a portion of the actual password in the password manager and adding a unique 4-letter/number identifier at the end to form the real password.

With all of this in use I feel pretty secure. If there are any “loopholes”, please feel free to let me know.
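As an added example (not part of the original post, and nothing to do with Proton Pass itself), here is how a practitioner would measure what a 4-character "double-blind" suffix actually buys. The threat model of the scheme is an attacker who has the vault, and therefore the stored stem, but not the memorised suffix. The stem, suffix and "leaked hash" below are constructed sample values, and the suffix alphabet (lowercase letters plus digits) is an assumption; change it if you mix in uppercase or symbols.

```python
"""Added example: what a 4-character "double-blind" suffix is worth.

The suffix is a roughly 20-bit secret on top of a stem the attacker already
has. That is plenty against a site that rate-limits logins and nothing at
all against anything the attacker can verify offline.
"""
import hashlib
import itertools
import math
import string
from typing import Callable, Optional, Tuple

# Assumption: the suffix is drawn from lowercase letters + digits
# ("4 letter/number identifier"). Not the original poster's exact alphabet.
SUFFIX_ALPHABET = string.ascii_lowercase + string.digits
SUFFIX_LENGTH = 4


def assemble(stem: str, suffix: str) -> str:
    """Real password = stem kept in the manager + suffix kept in your head."""
    return stem + suffix


def suffix_keyspace(length: int = SUFFIX_LENGTH, alphabet: str = SUFFIX_ALPHABET) -> int:
    """Number of distinct suffixes an attacker holding the stem must consider."""
    return len(alphabet) ** length


def suffix_entropy_bits(length: int = SUFFIX_LENGTH, alphabet: str = SUFFIX_ALPHABET) -> float:
    """Bits of secret the suffix adds on top of the already-known stem."""
    return length * math.log2(len(alphabet))


def seconds_to_exhaust(guesses_per_second: float,
                       length: int = SUFFIX_LENGTH, alphabet: str = SUFFIX_ALPHABET) -> float:
    """Worst case for the attacker: enumerate every suffix at the given rate."""
    return suffix_keyspace(length, alphabet) / guesses_per_second


def brute_force_suffix(stem: str, verify: Callable[[str], bool],
                       length: int = SUFFIX_LENGTH,
                       alphabet: str = SUFFIX_ALPHABET) -> Tuple[Optional[str], int]:
    """Enumerate suffixes in alphabet order until verify(password) accepts one.

    Returns (suffix, guesses_made); suffix is None if it is not in the keyspace.
    """
    guesses = 0
    for chars in itertools.product(alphabet, repeat=length):
        guesses += 1
        candidate = assemble(stem, "".join(chars))
        if verify(candidate):
            return candidate[len(stem):], guesses
    return None, guesses


def offline_verifier(leaked_sha256_hex: str) -> Callable[[str], bool]:
    """Models an offline oracle: an unsalted SHA-256 of the full password leaked
    from a breached site (constructed for this example). No rate limit applies."""
    def verify(password: str) -> bool:
        return hashlib.sha256(password.encode()).hexdigest() == leaked_sha256_hex
    return verify


def demo() -> dict:
    # Constructed sample values: a manager-stored stem and a memorised suffix.
    stem, suffix = "kX9!vQ2mL4#pRt", "abcd"
    leaked = hashlib.sha256(assemble(stem, suffix).encode()).hexdigest()
    found, guesses = brute_force_suffix(stem, offline_verifier(leaked))
    return {
        "keyspace": suffix_keyspace(),
        "entropy_bits": round(suffix_entropy_bits(), 1),
        # Online, against a site that allows ~10 login attempts per second.
        "online_10_per_s_days": seconds_to_exhaust(10) / 86400,
        # Offline, against a fast hash on commodity hardware (assumed 1e9/s).
        "offline_1e9_per_s_seconds": seconds_to_exhaust(1e9),
        "recovered_suffix": found,
        "guesses": guesses,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The numbers are the point: 36^4 is about 1.68 million suffixes, or 20.7 bits. A login endpoint that locks or throttles after a handful of failures makes that unreachable, so against a leaked vault alone the scheme holds. Anything that lets the attacker verify guesses locally (a breached password hash, an encrypted export or archive protected by the same password) reduces it to a fraction of a second at hash-cracking speeds, and the demo's offline brute force recovers the suffix after 1,372 guesses. Treat the suffix as protection against vault compromise for rate-limited logins only, and keep the stem itself long and random so it is never the weak half.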