Byte Me Article 390 – Email Security 2

Secure Your Email Account

Following on from last week’s article about email security today we look at the relative security of different email accounts and their setup.  Firstly, lets explain a few things about email accounts.  If you have an Internet connection, then this is through an Internet Service Provider (ISP).  You pay a monthly amount to your ISP and in return you get a certain Internet connection speed and a certain download quote.

Internet connection speeds vary with connection type – either ADSL, Satellite, Wireless Broadband, NBN Fixed Wireless, NBN Fibre to the Node, NBN Fibre to the Premise – roughly going from slowest to fastest!  In all cases that I know of this same monthly deal with give you a ‘free’ email address with your ISP, whether you use it or not.  For the purposes of this article, we are going to call this an email account.

Some of these free email accounts are more secure than others and we will start with two of the largest but the least secure – BigPond & Optus.  If your email address is **** or **** then you are missing out on some of the security offered by smaller ISP’s.  Smaller ISP’s turn on SMTP authentication which stops a hacker spoofing your email account.  Also, the BigPond mails servers are relay servers that accept all emails and not just their own – again leaving some large loopholes for hackers.

One of the issues here is that these two companies have had various previous email systems running for so long and with so many customers that they have not forced some of the security upgrades that the smaller ISP’s have done along the way.  The same can be said for email password strengths.  We see customers that have been with BigPond for so long that their current 10-year-old passwords do not come close to meeting security requirements.

As a side note, at the other end of the password scale we had a customer with a very long password that worked in the Telstra My Account page but caused problems with the Telstra Web Mail page.  These systems are linked, and the same password is supposed to be pushed from one to the other, however in the instance above the password was getting truncated when pushed to the Webmail system and not allowing access.

Looking further afield to the cloud-based email systems like – which became – which is now (although some of the older emails still work).  This system has had forced security upgrades along the way and is more rigidly controlled and now has enforced password requirements.  Gmail is much the same (currently very secure) – although it has had most of the security and password requirements for a very long time.

More recently anyone signing up to a cloud-based email will be prompted for 2 factor authentication – which can be a mobile phone or an existing email account.  This gives another level of protection once again.  So, what are my suggestions for email use?

For a personal email account, it is hard to beat the system.  For a business email account, I would be recommending the system due to the number of business apps that can tie into it.  Although none of these look as professional as having your own domain – which we will discuss next week. 

Future Byte Me topics can be emailed to [email protected] and Bruce is contactable at Kerr Solutions, 205 Musgrave Street or on 49 222 400.

For more advice and assistance from Kerr Solutions, like and follow us on Facebook