Those +plus aliases still make it easy for people find your actual email address.

We go one step further and generate a random email address for each new service you sign up with. It'll look something like "hot.potatoes4827@mydomain.com".

You can create a new masked email anywhere you have the 1Password browser extension, including our brand new iOS Safari extension.

This is nice in terms of hiding your actual address. However, it makes migrating away harder because now instead of setting a simple rule to strip the + for forwarding, you need to individually map each address.

So what is it that you want? Either you want a masked email or you want an easy way to migrate away. You could still setup trashcan+randomdigits@yourdomain.com manually. Or you could setup a catchall rule for your new provider.

Unfortunately, way too many internet services don't allow the plus sign in an email address. It's weird, but it's true.

Even worse I've had front end systems accept account creation with this address format, but their backend system fails when using some integrated service. The result is 3 months after setting up the account something breaks when I try some other functionality and I have had to contact their help desk and ultimately we stumble through and realize the problem may be my email address.

There are varying level of masking. I would consider an email myusername+random@domain.com as a masked address. Of course it is trivially unmasked. But assuming I am willing to accept that, it does offer a different tradeoff with respect to convenience. It's true though that is fairly trivial to manually add +random

`sed s/[+].*@//` over the email list will get rid of enough "plus" email addresses. Better use a custom delimiter if you're relying on the + character for anything.

> you need to individually map each address.

How hard is that though? Export all email addresses from 1Password (trivial), extract generated emails (trivial), and add forwarding rules for each one in your mail server (trivial to easy depending on your setup).

Maybe not easy for non-savvy users, but neither is a custom domain or even knowing about the + trick.

Or you could just enable a catchall address and get all of them without doing any stripping or mapping.

True although this only works if you're the only user on your domain.

I have an extra domain attached to fastmail which I only use for junk. If you know the domain where my main email lives, you can pretty much guess a couple of aliases which will work. I want my junk mail completely separate from my useful mail

Settings -> Domains -> Team Settings -> Masked email domain.

Disclosure - I work at 1Password, though I had only tangential involvement in this effort

I ended up at https://$mydomain.1password.com/integrations/directory and I can only see Fastmail as an option. Clicking there it asks me to Connect with Fastmail rather than that I can provide my own domain. I already have a wildcard domain setup so I'd like to use it as @davzie mentioned.

You need to OAuth to Fastmail (the service) to hook it up, then as was mentioned above, you can go into the settings in your Fastmail account to choose which domain your Masked Email addresses are created in:

Settings -> Domains -> Team Settings -> Masked email domain

It will default to fastmail.com, but easy to change it.

Oh, I completely misunderstood then, I thought I could do this with just 1Password. I already have email setup myself and don't need Fastmail, so then it seems I cannot use this feature. I'll just continue myself to randomly generate my addresses then...

Well, as I understand it you'd have to do this manually. As in, pick a random alias for the site, use that as you email address there and enter the same one in 1password (or any other credential store).

The full "it just works" integration seems to only work between 1password and fastmail directly.

With fastmail, you can do that already. I do that. I have addresses like some_random_list_I_joined@mydomain.com

True! I've been doing wildcard.company.name@mydomain.com for a few years now with Fastmail. This makes it one step easier to generate that email address, as well as one-click blocking any alias that starts receiving spam.

You can also do things like a wildcard on a subdomain like dodgywebsite@auto.yourdomain.com.

Otherwise subaddressing with + works well with most mail hosts other than Microsoft Exchange / Office365 (which have had endless problems).

That's the way to go. I set up a rule where everything going to *@a.mydomain.com goes into a folder which I largely ignore. Every website gets a unique prefix, e.g. ycombinator@a.domain.com.

The advantage of Masked Emails is that third parties won't even know about mydomain.com. The disadvantage is that you need 1Password to recall which email address you used with a particular website.

You also need to be a Fastmail customer.

> Yes, but if you goal is to hide your identity, this really wouldn't work

It still could.

> Everything is still tagged to your identity, i.e. @mydomain.com.

If your domain is tied to your identity, then yes. But to be extra clear, this should have said "Everything is still tagged to your domain" as not everyone has their domain tied to their identity. I for example have my domain setup njal.la with zero personal details attached to the domain itself, either publicly or at njal.la.

Except now this comment ties your username to that domain ;)

To njal.la? I guess that's fine, I'm not their only user ;)

Maybe not the best idea to provide that info in searchable plaintext tied to an account you own?

Neither my identity here, my domain or my account on njal.la is connected to anything in my real life so not sure why it would be a bad idea?

A comment you made in the past or make in the future could reveal something; simply changing the text to "njal dot la" would prevent a google search of the domain from finding this.