Using email aliases protects your privacy and your security. When using an email alias, a hacker cannot learn your real email address or any other details about you from a data breach. In addition, email aliases can reduce SPAM. In How To Minimize The Amount Of SPAM, Jim Hillier wrote about the differences between disposable email addresses and email alias services and how to use them to minimize SPAM.
But, how do you keep track of all those email aliases? Use a password manager! As many DCT readers know, both Jim Hillier and I use Bitwarden as our password manager. In this post, I will explain how to integrate Bitwarden to use its password/username generator with an external email aliasing service.
What Is An Email Alias
An email alias, also known as a masked email, is an address that forwards any messages it receives to your personal email. Because there is no revealing information in the email alias, your identity is protected when you sign up for online services and subscriptions.
For example, your email address is email@example.com and you create an alias of BZmsd4Uk@alias.com. If an online retailer requires you to create an account to check out, you can use BZmsd4Uk@alias.com instead of firstname.lastname@example.org. You will still receive the receipt that is automatically forwarded to email@example.com, but the retailer won’t have your real email address.
Email Alias And Bitwarden
The Bitwarden Generator allows you to create unique email aliases quickly and easily for five email alias services: SimpleLogin, AnonAddy, Firefox Relay, Fastmail, and DuckDuckGo.
|Company||Free Plan||Paid Plan||FP Aliases||FP Bandwidth|
|SimpleLogin||Yes||$4 / Mo||10||Unlimited|
|AnonAddy||Yes||$1 – 4 / Mo||Unlimited||10 MB/Mo|
|Firefox Relay||Yes||$1 – 4 / Mo||5||Unlimited|
|Fastmail||$3 – 9 / Mo||N/A||N/A|
SimpleLogin, AnonAddy, and Firefox Relay offer a free plan as well as a paid plan. FastMail is an email service that only offers a paid plan. DuckDuckGo is free.
The API key from the email alias account must be registered in Bitwarden. Getting the API keys from the first four is straightforward (go to the account’s settings and look for something like API). However, getting the API key in DuckDuckGo is more complicated.
Since DuckDuckGo is free and the API key is more complicated to get, I will show you how to set up Bitwarden with DuckDuckGo. However, once the API key is determined, the setup and usage are essentially the same for all five services. I will show this using the Brave browser, but the procedure is similar in any browser.
Set Up DuckDuckGo With Bitwarden
In order to set up a DuckDuckGo address, you will need to have the DuckDuckGo extension loaded on your browser. If it is not loaded, you will be prompted to load it. Once you have the API key, you can remove the browser extension, if desired.
First, go to DuckDuckGo, and go through all the signup screens.
Enter your desired email alias and the email address that messages will be forwarded to.
Eventually, it will ask you for a one-time password. Check your email, copy, and enter the one-time password.
When your DuckDuckGo Address has been set up, select the Autofill tab on the DuckDuckGo email protection page and ensure that autofill is enabled.
While on the DuckDuckGo email protection page, open your web browser’s Developer Tools page. In Brave, from the Menu hamburger icon, select More Tools, and select Developer Tools. Or, just type Ctrl+Shift+I. The Developer Tool window will open.
Click the Generate Private Duck Address button and view the Network tab on your developer tools window. Select the Addresses call for the API Request Method = POST, and locate the API authorization item. The item will look like this: authorization: Bearer <API token value>
In the Bitwarden Generator, with generation type = Username, Username type = Forwarded email alias, and Service = DuckDuckGo, copy and paste the DuckDuckGo API Authorization Token value into the API Key field.
Using Bitwarden Generator
When you need a new email alias, in the Bitwarden Generator:
- Generation type = Username
- Username type = Forwarded email alias
- Service = DuckDuckGo
Select Regenerate Username to generate a username and automatically create the corresponding alias in DuckDuckGo. Now use this email alias for newsletters, user forums, online retailers, etc.
The API key is not saved in the Bitwarden vault. It is only saved in the individual Bitwarden extension. I suggest creating an item in your vault and saving the API key. This way, if you are using a different computer, are in a different browser, or using a different browser user profile, you can quickly grab your API key and enter it into the Bitwarden generator.
Using email aliases protects your privacy and your security while reducing the amount of SPAM you receive. You can keep track of all these email aliases in your password manager and create new email aliases in the Bitwarden password generator. Let me know in the comments if you have any questions.
3 thoughts on “How To Use Email Aliases With Bitwarden”
I’m confused as usual.
If I use, as in the example, the alias ‘firstname.lastname@example.org’ this does not hide my real email address as it seems I need a private generated email address as email@example.com which has the note – ‘For sites you don’t trust Private Duck Adresses keep your email identity hidden….’
What is the relationship between the two addresses?
Would the firstname.lastname@example.org hide one’s real address or not? Please advise – thanks.
In the example I gave in my images. testytestersonsDCT@gmail.com would be my real address. email@example.com would be my “main” alias address or public alias address. This is the alias address tied to my API key. firstname.lastname@example.org would be my “private” alias address. Both are masked addresses that will be sent to my real address. Again, both will mask my real address. So, if I gave out email@example.com, it would forward to the gmail address. If I gave out the firstname.lastname@example.org, it would also forward to the gmail address.
I can delete my private alias address (say I’m getting too much SPAM at email@example.com). But I can not delete my main alias address (firstname.lastname@example.org). So, in the example, don’t give out email@example.com. Just give out the privately generated alias emails. Generate as many as you need, just realize that some of the free plans have limits (see the chart in the article).
One strategy is to generate a separate one for each entity you sign up at, and if you receive spam on it, you will know the entity that “sold” your email address.
Another strategy, generate one for each type of entity. i.e. one for shopping sites, one for social sites, one for newsletters, one for forums, etc.
Another strategy, just generate one alias, and use that for everything.
Thank you for your excellent and clear explanation – I’ll try it out.