Like (I suspect) a lot of folks here, I no longer use gmail (or yahoo, outlook, etc) for email.
But I still check those old accounts once a month or so. And yesterday was a good example of why.
There was a message from Parallels: "Confirm access to your Parallels account from an unrecognized web browser."
Welp, that web browser was Chrome on a Windows 10 machine in New York City. And was not me.
Obviously, I changed my password immediately. I hadn't used Parallels in over a decade -- on logging in, my license was literally from a version released in 2011 -- but the old account still existed. Could someone have really done harm with it? Probably not, but I also don't know how many old accounts from software and websites I haven't used in a decade are still around. And how many of those might offer some of my personal info.
I don't have my old email accounts forwarding, since the last thing I want is for my current email to be associated with them, and the second-to-last thing I want is all the spam that would come with it. But I also don't want those accounts gone, because I want to know if any when old accounts get compromised before finding out the hard way.
This is an underappreciated added benefit of using password managers.
On top of keeping credentials secure, it can serve as a book of every account you have credentials for.
About once a year I go through the list and nuke some old/unused accounts.
It’s a lot of work to do that, but in the end, it’s satisfying.
Not only that, but some services (I know Bitwarden can) have a tool that will scan your vault to see if any of the passwords generated by BW have been in a breach online anywhere https://bitwarden.com/help/reports/
Good point. Remember that you always have the option to request the provider to delete all your personal data from the account. At least for services related to EU.
Yes, this is the way.
Even if your account is deleted, some providers keep backups forever or sell off metadata, your digital footprint might still be floaring around.
Very true. A way to mitigate this is before deletion, change all personal data and info to gibberish or random words before deletion.
Obviously not a fool-proof method, since it relies on the premise that if you delete your account, they don't delete the data tables, but if you edit info they might overwrite previous rows of data associated with you with gibberish.
I really never thought about it that way. I just treat them as dead emails, migrate what I need, and everything else stays there forgotten until I decide to log into each one and delete the accounts.
I've been meaning to get rid of my gmail account for many years.
You express a great point to considerate, I have no idea how much personal information will exist on the Internet since I use my email for the first time or the old Messenger I used at the University to talk with friends. 🙀
Not forgetting our old email addresses is essential for security reasons. Many of these accounts are still linked to important services such as social media, banking, or digital platforms. If they’re abandoned without being properly closed, they can become vulnerable to unauthorized access. Additionally, these addresses are often still used for password recovery processes. Keeping control over them—or deleting them properly—prevents unnecessary risks. Digital security doesn’t rely solely on strong passwords, but also on awareness and care for our past digital identity. Don’t leave them behind. 👍
deleted by author