I use one time email addresses for wallet of Satoshi. I have about 5 that were only ever used for that service. Each one is getting spammed with fake PayPal receipts with PDF attachments. Beware.
Precisely why I use https://simplelogin.io/ for everything
reply
me too, but why even link mails to these wallets, seems quite a honeypot.
reply
For sure. But it could also be innocuous - wallet recovery etc.
reply
https://haveibeenpwned.com is a great way to check
reply
I've seen this recommendation so many times but have always wondered what's to stop haveibeenpwned from collecting emails themselves.
Am I overthinking this?
reply
You're not wrong. I think they do show leaks without needing to input your info. I mean, they already have your email. The thing they don't have is whether or not the email is someone that cares about if they've gotten their email leaked, if that makes sense. And maybe tie it to an IP address too.
reply
Yeah, it does make sense, thanks!
I've since read their privacy policy and it seems they do address my concern in there. (See my reply to @nullama)
reply
Fair enough.
It's a legit website from a legit security researcher, but yeah, you would have to trust it somehow....
Keep in mind that most people give away far more personal information on a daily basis than just a single email anyway.
reply
Well, at least their privacy policy includes this assurance:
We do not collect or store your personal information when you conduct a search in the HIBP database. Searching for an email address or phone number only ever retrieves the data from storage then returns it in the response. The data from the search is not explicitly stored anywhere.
You still have to trust them, though...
reply
Good find, yeah they can only do so much.
reply
big if true, it was always just a matter of time
reply
Pretty sure you don't need to use an email with WoS. Oh course even better is to use a non-custodial wallet like Phoenix, Breez, or Blixt.
reply
I think you can create a login to ease recovery in case you lose your phone, but otherwise you don’t need a login or email to use it. I have it installed but haven’t had the need to use it yet. If I got any sats there I’d transfer it to when one these non-custodial wallets.
reply
Right, that's what I meant.
reply
When nostr account creation on WOS?
reply
Start with custodial wallet of satoshi, then move to non custodial mutiny or phoenix.
reply
Color me surprised.
reply
I think the email address I used for that is already super public, so no real loss for me here
reply
Who hasn’t leaked emails at this point. Just be careful about what you open
reply
My frequency in checking my main email acct is now down to about once every other week. It still takes an hour and a half but that's better done when I can spare the time, rather than ten minutes a day when I really have better things I should be doing.
But even with some spam filtering I am totally disgusted with how totally broken from top to bottom email is.
I don't expect email to go away any time soon but as I personally distance myself further with almost anything email related, the less I care how bad are its flaws are and what impacts others are suffering from dependency on it, -- or their loss of privacy from continued use of it.
reply
First sign that you are using a custodial service: they ask for your e-mail.
reply
And people will still not learn the lesson
reply
Self-custody is the answer.
reply
The best defense is to use disposable email addresses 99% of the time. Simplelogin or Duckduckgo email protection.
reply
Been using wallet of Satoshi and haven't ever gotten spam to my email I made to use it.
reply
Wow... 🥵
reply
Which one do you prefer instead of WOS?
reply
That's crazy, thanks for let us know
reply
deleted by author
reply
deleted by author
reply
deleted by author
reply