Knowledge BaseSupportDashboard
‌‌‌‌
‌‌‌‌‌
‌‌‌
‌‌
‌‌‌‌‌‌‌‌‌‌‌‌
‌‌‌‌
    Security & Privacy
    Knowledge Base
    Security & Privacy
    Security Best Practices

    Security Best Practices

    Essential security tips to keep your email aliases and account safe

    3 min read
    Updated May 12, 2026

    A few habits that make a real difference.

    One alias per service

    The whole point of aliases is that when one gets compromised, the damage stops there. That only works if you're actually using separate aliases. If you use the same alias for five shopping sites and one of them gets breached, you don't know which one sold your address.

    It takes two extra seconds to create a new alias before signing up somewhere. Get into that habit.

    Don't put your name in alias addresses

    john.amazon@yourdomain.com tells anyone who sees it both your name and which service it's for. If that alias ends up in a breach dump, it's more useful to whoever finds it.

    Something like shop.a3f9k2@yourdomain.com gives away nothing.

    Enable two-factor authentication

    Go to Settings → Security and enable 2FA. You can use an authenticator app (Authy, Google Authenticator, or any TOTP app) or email OTP.

    When you set it up, you'll get a set of recovery codes. Write them down or store them in your password manager — not on your computer. They're your only way back in if you lose access to your authenticator.

    Use a strong, unique password

    Your AliasFleet password should be one you don't use anywhere else. If you're not using a password manager, start. Bitwarden is free and works on everything. 1Password is worth paying for if you want something more polished.

    A compromised AliasFleet password is more damaging than a compromised random shopping site — your aliases flow through here, so protect the account accordingly.

    Check your active sessions

    Under Settings → Security you can see all devices currently logged into your account. If something looks unfamiliar — a location you don't recognise, a device you don't own — terminate that session and change your password.

    When an alias starts getting spam

    Deactivate the alias immediately to stop the flow. Then create a new alias and update your email address on that service. This is the cleanest response — you don't have to change your real email, you just swap the alias.

    If you suspect a data breach, check Have I Been Pwned to see if that service's data has appeared anywhere.

    AliasFleet will never ask for your password by email

    Any email claiming to be from AliasFleet and asking for your password or login credentials is a phishing attempt. Ignore it and report it to support if you're unsure.

    Was this article helpful?

    Related articles

    Two-Factor Authentication (2FA)

    How to set up 2FA on your account using an authenticator app or email

    Active Sessions

    How to see where you're logged in and revoke sessions you don't recognise

    Changing Your Password

    How to change your password from settings or reset it if you've forgotten it

    What Data AliasFleet Stores

    What information is stored on your account and what we don't keep

    Reporting a Security Issue

    How to report a vulnerability or security concern to the AliasFleet team

    Content

    One alias per serviceDon't put your name in alias addressesEnable two-factor authenticationUse a strong, unique passwordCheck your active sessionsWhen an alias starts getting spamAliasFleet will never ask for your password by email

    Still need help?

    Can't find the answer you're looking for? Our support team is here to help.

    OverviewWhat is AliasFleet?Creating an AliasEmails Not ArrivingContact Support

    Getting Started

    Getting Started
    • What is AliasFleet?
    • Your First Alias
    • Understanding Forwarding
    • Your Dashboard at a Glance

    Account & Billing

    Account & Billing
    • Your Plan and Usage Limits
    • Upgrading to Pro
    • Managing Your Subscription
    • Cancelling Your Subscription
    • Downloading Invoices
    • Support Ticket Limits
    • Membership Tier
    • Billing Cycle and Renewal

    Email Aliases

    Email Aliases
    • Creating and Managing Aliases
    • Activating and Deactivating an Alias
    • Deleting an Alias
    • Sorting, Filtering and Searching Aliases
    • Grid View vs List View
    • Grouping Aliases
    • Alias Categories
    • Copying an Alias Address
    • Per-Alias Email Banner Settings
    • Alias Permission Mode

    Custom Domains

    Custom Domains
    • Adding a Custom Domain
    • DNS Verification
    • Domain Status and Health Indicators
    • Subdomains
    • Removing a Domain
    • Using Your Domain on Aliases

    Destinations

    Destinations
    • What Is a Destination?
    • Adding a Destination
    • Verifying a Destination
    • Setting a Default Destination
    • Reply from Aliases
    • Send New Emails from Aliases
    • One-Click Enable from Bounce Email
    • Removing a Destination

    Security & Privacy

    Security & Privacy
    • Security Best Practices
    • Two-Factor Authentication (2FA)
    • Active Sessions
    • Changing Your Password
    • What Data AliasFleet Stores
    • Reporting a Security Issue

    Settings

    Settings
    • General Settings
    • Profile Settings
    • Alias Settings
    • Destinations in Settings
    • Notification Settings
    • Security Settings
    • Deleting Your Account

    Analytics

    Analytics
    • Analytics Overview
    • Alias Performance
    • Top Senders
    • Trends
    • Bounces
    • Bandwidth Usage
    • Category Breakdown
    • Exporting Analytics Data

    Sender Blacklist

    Sender Blacklist
    • Using the Sender Blacklist
    • Blacklist vs Deactivating an Alias

    Troubleshooting

    Troubleshooting
    • Emails Not Arriving
    • Can't Verify a Destination
    • DNS Not Verifying
    • Can't Log In
    • Replies Not Going Through Alias
    • Alias Not Forwarding
    • Payment Failed
    • Browser Extension Issues
    Privacy·Terms·Cookies