Account Management Techniques for Self-Management

When you sign up for services that you use in your blocking setup, you should have a process for managing these passwords so that you can't easily login and disable a level of protection.

Here is my recommended approach to handling emails/passwords.

1) Create a Second Email Account

I recommend creating a second email account that is dedicated to managing accounts related to your blocking setup.

Create a second email account on a service that you don't already use.

I recommend Protonmail . If you already use Protonmail, try tutanota

When you signup for any service used to protect your technology, you will use this new email account as the account email.

Generate a one-time password that you can't remember when you create any new accounts.

Do not store the newly created account's password. Instead, you should initiate a password reset to your email account.

2) Protect Second Email Account

Email providers like Protonmail let you enable two-factor authentication. This usually means you have to enter a code from your smartphone after you attempt to sign in with your email password. This adds another layer of security and also inconvenience.

You can use an app like Authy on Android or iOS to set up two factor authentication. Authy has a simple guide on how to set up 2fa with Protonmail .

Note

Make sure you have a backup plan in case you lose access to the device you use the 2fa app on. Either use backup codes or a master recovery password so that you can restore your 2FA on another device.

3) Store Second Email Password in Encrypted Cloud Vault

Combine a cloud encryption tool like Cryptomator with cloud storage like Dropbox .

I use this approach for a few reasons:

You can't log in to Dropbox from any device and access your passwords since the synced files are encrypted and not readable. You have to have cryptomater installed and configured on a specific device to read those files.
This is a more secure way of storing sensitive information, but we are mainly using this approach to make it less convenient to access your second email password since you can't access the password from any device with an internet connection.

Configure Dropbox

Sign up for the free version of Dropbox
Download and install Dropbox so that you can access your cloud storage files on your computer. The process is similar for both macOS and Windows.

Configure Cryptomator with Dropbox

Download and install an encryption tool like Cryptomator .
Open Cryptomator and add a new vault.

Find your local Dropbox folder and set a name for your new vault. Click save.

This creates a new folder.

Set a password and click "create vault." You'll use this password to unlock the vault in the future.

After creating the vault, you need to enter your password again to unlock it.
Unlock your vault so that you can add files to it temporarily. You can't add files to a locked vault.

Add a text file containing the password you want to protect to your vault. In my case, I store the first half of my Protonmail password here.

Lock your vault.

Navigate to your Dropbox folder to the vault folder you created.
Notice that the text file is replaced with encrypted contents and two masterkey files.
The masterkey file is necessary to unlock the vault. It's saved in the same folder by default. You can save the .bkup masterkey file somewhere else as a backup.

I typically only use one device to access Cryptomator and I don't set it up on any other devices. You could optionally block the download website for Cryptomator so that it's difficult to download and install on another machine.