Google is 'gradually rolling out' option to change your gmail.com address
9to5google.com177 points by geox 9 hours ago
177 points by geox 9 hours ago
I wish they'd let me recover my original -- I lost my TOTP generator, and the codes I'd written down in a paper notebook were rejected. I even hunted down the electronic copy in case there was a transcription error -- seemed like some failure in their systems was causing me to lose access despite having followed proper procedures.
Lost a decade and a half of correspondence dating back to my teenage years. I had imported my phone number I'd had since I was 16 into voice, and it doubled as my Signal number. I even had a Gsuite subscription so I could use their (admittedly decently) UI to power my firstname @ lastname dot com email address.
I will never use their services again, I was really digusted by this failure.
I had something kinda similar happen to my hotmail account. While I didn't lose access to it, I lost more than a decade of correspondence dating back to my teenage years. The reason was that Microsoft at some point required you to "login" once every 30 days. It seems they only counted logins through their web interface or something like that, so even though I was receiving emails daily, I didn't trigger a "login" in their system. They then deleted all my emails, but I could still login.
This happened to me ten years ago. A while later they did the same thing with my Minecraft login that I had purchased before the EULA was in place; I’ve avoided their services like the plague since then.
Gmail is a throwaway email. I lost my SIM and hence can't log in anymore.
Never ever rely on Gmail.
I still think about my lost address that I obtained when Gmail was invite only. My family still occasionally CCs it and it drives me nuts, I would pay money to at least have it shutdown so they don’t think I received an email. I had email forwarding to another address when stolen and immediately after it was stolen it had the weirdest messages, I tried multiple ways reaching out to google and it still bugs me I was unsuccessful. I’d love the their of my account to at least have it shutdown
Maybe you should send it enough mail to fill it up and the it would reject emails? Send a bunch of emails with large attachments and avoid getting marked as spam.
I got mine when it was invite only too, I had it a very long time.
I use protonmail now -- I think the "free" model enables providers to shrug and go "hey you don't pay us" (if there is support at all -- I've never been able to speak to a human about this issue)
>I think the "free" model enables providers to shrug and go "hey you don't pay us" (if there is support at all -- I've never been able to speak to a human about this issue)
I also have paid services a lot of money where customer service was nonexistent until I did a credit card chargeback or raised an issue with government regulators.
I'm trying to figure out exactly what I want to push my state legislature to encode into law with regards to customer service minimums that would cover anyone doing business in the state, free or paid.
I'm in the camp that paying makes you a customer. Inversely using a free service makes you a user, not a customer.
And as you correctly note, there I'd no "user service" department.
You can of course push for any law you like, but I expect laws protecting "users" to be toothless. Basically the TOS will boil down to "we can do anything we like" - which I guess is more or less what they say now.
I find it helpful to think of users as distinct from customers because it let's you understand the provider company motivations.
For example, Google's customer's are advertisers. Hence they cull services not conducive to advertising.
Most startups see VCs as the customer. Their business model is to sell shares to VCs in round after round. Seen in that light their attitude to users is rational and users only exist as props to VC sales.
VCs (and founders) are chasing an exit, which is usually acquisition or aquihire. Your use of the service will thus rarely survive the exit.
These are not things to be outraged about. They are all completely rational and predictable outcomes. When you use a service, these are factors you should evaluate.
I had this issue with my alternative account. Despite my main account being associated (not by recovery, I think this predates that feature), and most messages being forwaded to my main I was never able to successfully recover the credentials.
> I will never use their services again, I was really digusted by this failure
Isn’t this inherent to not choosing an (EDIT: external) account-recovery method?
The flip side to allowing account recovery at Google’s discretion is lessened security for everyone. (Obviously not black and white. And I agree Google should have flexibility for old accounts. But it’s an odd thing to reject a major provider over.)
You can have all the right details and recovery methods but if at some point they request you to provide the code they sent to the phone you don't have for the last 10 years......... That's it.
> if at some point they request you to provide the code they sent to the phone you don't have for the last 10 years
AFAIK once 2FA is up, you can remove your phone number from GMail.
I know it takes time to set up a recovery account (in case the account is inactive for x months), to remove a phone number, etc. but if one's GMail is important it could be worth doing both now if it hasn't already been done.
They did have a method to recover their account that they tried, though - they said that they used the account recovery codes, but that they were rejected. (Those would be the codes that Google gives you when you initially set up 2FA.)
When I first got the account, my cell phone was a recovery method. Later in life I imported the cell into google voice... thus when the recovery codes failed, there was no other option.
Sorry, I meant an external recovery method. Another e-mail address or a phone number.
Another email address is useless.
Another phone humber only works if you didn't lose that phone.
Back up your seeds! Aegis for Android lets you do encrypted exports.
Or just write down the TOTP seed on paper backups instead of backup codes.
Works for google (should!) but man there are some platforms that don’t expose the Totp code, or let you redisplay it! Sometimes they make you remove the old one before you can make a new one, too.
Yikes. This post is an unsettling reminder that gmail is a single point of failure in my personal and financial security.
Email services in general. My worst nightmare is my email provider (which isn't Google) going dark and losing access to everything.
You can use a custom domain with most providers, so when they go dark you can at least migrate to another one.
Two things about fronting with your own domain:
1. You have to own that domain forever, until or at least until you're 100% confident that an email intended for you will never be sent to that domain ever again. Even then, there are security risks with giving up the domain.
2. You give up some privacy. You can use mailbox aliases but it doesn't really matter if all the mailboxes are tied to a domain registered to your name and address.
Whois privacy is basically standard these days, no?
Yes but all of your aliases would be under the same domain so one could surmise that the same person uses the domain.
1. A little money solves this. You can register for 10 years at a time. Any decent registrar will blow up your email near your domain’s renewal date regardless of renewal status.
2. Whois privacy solves this. Free from any decent registrar.
That is moving the point of failure to the domain registrar. Which is probably less likely, but you are always relying on someone.
I think that the point here is that your domain registrar will pick up the phone if there is a problem, where Google clearly will not.
I use AWS to register the domain and AWS supports up to 8 different MFA factors. I have totp and 4 different passkeys registered
If you use a password manager like Keepass, you should still be able to log into your other accounts if you lost access and at least with financial institutions you can call, ask that no changes be made with without coming into the branch and showing ID.
Yes, but many companies will also drag their feet, refuse for "security reasons", or you'll just never be able to reach them in the first place because their only support is an AI concierge that tells you the same thing over and over.
As an example Anthropic and OpenAI don't let you change your email address.
Worst case you need to self host
Great when it works. Too many senders will only deliver to widely used hosts, and silently fail for anything outside their tiny allowlist.
Note that I'm not even talking about trying to send email FROM a self-hosted account, but trying to get someone else to send email TO such an account.
Realizing this is why I bought my own domain name and pointed the mx records at Gmail. This way I can change it to different mails servers if needed, even self hosted. One useful thing you can do is configure Gmail to forward mail to unknown address to a known one. So I can create addresses like Facebook@ultrasane.com or Amazon@ultrasane.com, etc
I'm paranoid and print off my TOTP key for each account I make that might matter in any way.
> I will never use their services again, I was really digusted by this failure.
Without such measure anyone with your password could "reset" your 2FA.
The solution to "I may lose my 2FA" is not to make GMail a 1FA: it is to configure beforehand your GMail so that if your account is inactive for 6 months, access to your account is given to a person of your choice. It's so that a death spouse (for example) can eventually access the account.
I wonder if they’ll make it work like Outlook.com’s support for multiple email addresses on the same account which they made a fully first class feature.
Although I primarily use a Gmail for my personal email, I still have a Hotmail address from the 90s.
For at least 10 years now Outlook.com and Microsoft accounts have supported multiple aliases.
This has allowed me to keep my old cringey box name at Hotmail address, but also have a name.surname@outlook.com on the same account, which looks nicer for Microsoft services I use, like Windows login with OneDrive.
This is so useful. a Gmail account is so much more than just an email account at this point. my first gmail account was made when anonymity and cool email was more of trend than your actual name - so i based upon my favorite book in 2006. 20 years later the account is tied to my oft used primary google voice number so lingers even with obscure and hard to spell email.
i could gave moved my google voice number, but it seems like a convoluted process and have had my number since about Grand Central acquisition.
in my experience, in/out porting with google is super quick and works great. It costs $20.00 IIRC. I port my primary phone number around to avoid unlawful surveillance, handy tool in the bag.
Oh, finally. I’m one of the first.last@gmail folks, which I assumed would never change when I was 13 years old (hah!). Fast forward a few years, I got married, and am stuck with my old name in the address.
I have a first.last email, but it's created quite the interesting situation. Turns out some dude in Australia has the same first+last name as me, and he's been using firstlast@gmail.com. As far as I can find from Google's documentation, the email with no dots should be the primary and the one with dots an alias, but I'm guessing because I registered mine ages ago (back in 2006) it takes precedence. I have no idea how he hasn't noticed that his gmail emails are going to another inbox - maybe Google delivers them to us both or something? Regardless, I've gotten very personal emails (like from his therapist) and tried to reach out explaining the situation and asked these parties to let him know he needs to stop using that email, but to no avail.
Honestly the one who is at fault here is Google. If first.last and firstlast are treated as aliases, they straight up should not allow people to create them once the first exists, rather than just send emails to someone else. I've tried to respect my Australian brother's privacy (like not reading his therapist's emails and such), but not everyone is gonna do that.
Are you sure he actually has that address? I get lots of emails mistakenly sent to me, some via a dotted version of my address, but I'm pretty sure those people (or the ones trying to contact them) have just misremembered or typoed their actual address. I'd be very surprised if Google did allow firstlast and first.last to exist as distinct addresses tied to separate acccounts.
He has a different address than yours and has given out an incorrect version to some people (perhaps a misspelling of his name).
The dots are ignored.
I have this same issue! But I can log in with or without dots… but it’s like someone else thinks their email is my email without the dots. I can’t really figure out what is happening. The volume is way too high for it to be spam though.
It would be just he uses a similar email, say last+first@gmail and gives it out incorrectly at times. Or people assume it is his. My friend has a first+last@gmail and I constantly confuse the order (or was it last+first? idk), a decade later. So you two are just seeing a subset of incorrectly addressed email, imo.
I remember a decade+ ago when this was discovered as some issue and caused a bunch of drama in the blogosphere.
If Im not mistaken, periods are ignored entirely. I regularly sign up for free trials with variations on first.last@gmail.com, firstlast@gmail.com, f.i.r.s.t.last, etc and they all come to my inbox.
A bit off topic, but changing your name when getting married is so strange to me. It is not at all common where I live (Belgium), in fact I don't think I personally know a single person who did.
Different cultures, different traditions. Personally I think it's a beautiful symbol of unity for one person to take the other's name (though I'm neutral as to which party should change their name, and I was perfectly willing to take my wife's name if she had wanted that), but of course that's the culture I was born into so it seems normal to me.
Not only is it strange, it’s obviously very sexist in practice. In majority of the cases, it’s always the woman who changes her last name. The husband gets to keep his. I still find it very strange and shocking that powerful women with successful careers in modern society still keep changing their names after getting married.
By such a definition any tradition related to gender would be sexist. The tradition is that the wife will change her name. This tradition is why it makes up the majority of cases.
No, any tradition that favors one gender over the other is sexist. Which is absolutely the case with the tradition of women taking their husband's family name when they get married.
Not really - this “tradition” as you call it obviously started back in the day when women did not have equal rights in society and only the husband’s lineage mattered.
It is not sexist at all, let alone "obviously very sexist". Don't impute malicious motives to people like that, it's extremely rude.
Come on man, I think it's safe to say a tradition that favor's men over women is reasonably sexist, especially given the time the tradition established women were property.
I don't think Belgium's feelings will get hurt, besides wait until you learn about all the other things that Leopold II did.
What last name do your kids use?
Last name of father and mother, respectively.
let motherLastName = "Carter Hughes"
let fatherLastName = "Miller Thompson"
let childLastName = "Miller Carter"
let childFullName = "Jean Paul Miller Carter"
You might ask, —“Why does the father’s last name go first and the mother’s second?”— That’s an old tradition, and it can change whenever enough people in our society agree. As it stands, the father’s family name tends to persist down the family tree, while the mother’s family name often disappears in each generation.
Or so that is how it works in many countries around the world.
You should have given a more complete example, where the parents themselves have long names to demonstrate that something does have to get dropped when you have children.
> What last name do your kids use?
In the country where he lives (Belgium), the parents get to decide which family name the kids get.
Its from the days when women were property of their man.
It hails from when family lines were important, and you can practically only have one line reflected in a name. Unsurprisingly, most societies considered the male's name to be the dominate lineage of interest, although that doesn't hold true 100% of the time.
As someone who has been stuck with an email address I created when I was 13, this would certainly be a welcome change!
Yeah, I imagine this will help a lot of people who created retrospectively-cringey email addresses in their youth, but kept them over the years because of inertia
> After changing, Google details that your original email address will still receive emails at the same inbox as your new one and work for sign-in, and that none of your account access will change.
Boss move that I learned under great difficulty: a new temporary gmail alias for every jobsearch.
You can take this to an extreme (like I do) and use a different email address for every party with whom you communicate. It makes it rather obvious who leaked your email address, and also easy to shut them out (looking at you ActBlue!). It also leads to some amusing personal interactions. I once rebooked a cancelled flight on JetBlue at the ticket counter. When the agent saw my email she said “wow, you must really like JetBlue.” I just nodded but I was laughing inside because it’s definitely the opposite!
I do this as well, and occasionally people get confused and think I work for the company I'm interacting with (enterprise@myname.com is close enough to myname@enterprise.com, I guess.) I usually don't bother to correct them, in case it gets me better treatment :)
The problem is that's guessable. I add a nonce/salt/bit of random chars; enterprise_jeje38@example.com to compensate.
This is how iCloud's "Hide My Email" (suggested to you by Safari at online account creation or filling out any email field basically) works. And then it remembers those random chars for that domain. Also ensures the email delivers to you.
You're dealing with a different type of actor if that's necessary.
the problem is you don't know which actor you're going to be dealing with so you have to start off on that foot with everybody.
I do this too, though sometimes it leads to confusion.
FWIW, Firefox's Relay integrates into Bitwarden so you can generate emails on the fly when creating new accounts. Downside and upside is that I never know what my email address or password is.
The huge benefit is I can write down an email that'll work because I own @somedomain.mozmail.com and it'll always redirect. I do the same thing with cloudflare because I also own myrealname.com
But honestly I hate all this because the real problem is that email is a bottleneck and it is stickier than phone numbers. But my email is floating around on a bunch of lists because I've had it for years. Frankly, gmail is pretty bad about removing spam. There's a lot of spam I catch using simple filters from Thunderbird.
The extra benefit is that I'm planning on moving away from gmail and all these relays make it easier to redirect everything to a new location. So I still recommend it. You can shutdown addresses that are being abused or shared more easily but that's hard to do with your long term email address.
As a hiring manager, I just want to give you a heads up that we are getting tons of fake applicants—like 5–10%—that end up being a real person on a video chat isn’t some AI assistant that uses a teleprompter interface to tell them what to say.
Usually by that point you catch them, but your recruiter screen might not etc. So now all the main HR tools are using “age of email” as one possible signal to detect fraud.
I’m sure you’re fine if your email is real (in my experience they all resolve to Onvoy LLC instead of a real cell provider), but just something to watch out for. Wouldn’t want to get overlooked because your email is brand new.
(If you’re curious about motive as I was, since of course it’ll be obvious when you start—in a lot of cases it’s that procuring an offer letter helps you obtain a visa.)
How would you determine or estimate "age of email"? It isn't really public info. Does it imply that you are by now expected to be doxxed by data brokers to not be judged suspicious?
> I’m sure you’re fine if your email is real (in my experience they all resolve to Onvoy LLC instead of a real cell provider),
Email is expected to be resolving to "a real cell provider"? Wut?
> How would you determine or estimate "age of email"? It isn't really public info. Does it imply that you are by now expected to be doxxed by data brokers to not be judged suspicious?
There are services that let you do that. Imperfect ofc as they rely on data brokers like you said. You can thank all the spammers and carders for that
Stay tuned I have a pretty cool project I plan on launching very soon. It takes the email alias to the next level, using them as meta tags to actually allow users to trace the source of shady data exchanges. I'm working on the guide and I'm hoping to actually start a community effort here to hold companies accountable for responsible use of PII
I'm interested. How does it differ from using:
name+service@gmail.com or service@myowndomain.com
...to figure out where the spam originated?
> service@myowndomain.com
Just be aware that this may be very confusing to customer support agents: https://news.ycombinator.com/item?id=32475178
FWIW, I have been using the companyname@mydomain.com auto-alias for many years now and I've never had it challenged nor rejected by a human or a machine.
Everybody knows name+something@ maps to name@ so it’s trivial for bad actors to strip the plus part and just spam you directly, losing the per-correspondent distinction.
Which is covered by GP's second suggestion. I add short random password-like strings to these aliases to thwart spammers who might be trying obvious aliases, turning e.g paypal@example.com into paypal.nsi873g@example.com
I probably didn’t explain myself well.
On Gmail foo+bar@gmail.com is an “alias” for foo@gmail.com. So if you give someone foo+randomstring@gmail.com hoping that will help you map random string to that particular sender, you’re fucked - because anyone who sees foo+randomstring@gmail.com knows it’s an alias for foo@gmail.com, they can just email that directly and bypass your cleverness.
If you’re using a sane alias provider like you described, then it’s likely not an issue.
In the latter specifically it doesn't differ except for the specific methodology and what we do with the results.
Hm interesting, do you want to tell why this helps out a lot perhaps?
;) I was a by-invitation-beta in 2004, trust me. Even then spammers knew about the +1234 trick too. The earliest throwaway forwarders suffered from explosive growth and spam netblocks and their queue times varied greatly. The golden age of Viagra and recruiters selling prospect lists to randos. I retreated to gmail for the SPOP and because my original address was Tech Contact for 100+ domains from 1994-2000. Thousands a week. If I was smart I'd have used it as a honeypot to feed a spam blocking service.
Don't you get these spam mails either way ?
I have a separate email I only use to get government and public services (gas, electricity) stuff and it still receives a few hundreds of spam a week. At this point I kinda feel whitelisting the mail I want to read is the only sane option, so getting hundreds or thousands of spam mail makes little difference, while managing a portofolio of addresses is a chore.
It might be an iCloud+ feature only, but if you're on a Mac - you've already got the ability to generate virtual email addresses on the fly.
I love this feature and wish something like it would come to Gmail.
I can't rely on iCloud Mail anymore due to its overly aggressive silent spam filtering. Not great if you're trying to log into an account, and you can't receive the recovery emails for that account.
That's funny, as it's the same reason I moved off Gmail. Most egregious was a reply to my message ending up in spam, and the other party was someone also on Gmail
That's where the in:anywhere search is your friend. It searches all mail.
What I mean is, the mandatory spam filter was so braindead it sent a reply to my own message to spam, which is itself absurd, but even moreso because the other party was also using Gmail
You don’t have to use an iCloud account as a target for your real email address or even for your Apple account.
I switched to fastmail, it imported all my gmail mail quickly, and it gives me virtual emails.
myjobapplicationhasbeendenied-1582-timesalready@gmail.com will certainly end well.
I don't understand why they don't allow different domains. "gmail.com" is running low on email addresses; if they added more domains, they'd be able to really scale up their email offering.
Branding and marketing. It makes it crystal clear how popular it is.
And gmail.com isn't "running low" on addresses, I don't even know what that means. Whatever TLD you'd prefer, just append it to your username instead. Exact same amount of uniqueness.
That would have been nice to have during transition. Creating a new account and updating 3rd parties was a huge pain and never got close to 100% completion.
My gmail address is first.last@gmail.com. From time to time (and for years) I get someone else’s at firstlast@gmail.com. I thought that a Gmail account that was first.last@gmail also allowed for email sent to firstlast@gmail (no period) to reach my inbox as well.
I’ve received some sensitive/PII content over the years.
I’ve wondered if this person has access to any of my information?
Not necessarily related to this post, but wonder why and how this could happen.
No, I think what's happening is someone else is confused what their email address is. With Gmail, dots are not significant; any email address with dots is equivalent to the email address without any dots. (So you may have signed up as first.last@, but your email address under the hood is really firstlast. You can also send mail to your f.i.r.s.t.l.a.s.t@gmail.com, and it will be delivered to you.)
I expect that someone else with the same name as you occasionally (or all the time) forgets that their actual email address is flast@gmail.com or lastfirst@gmail.com or some other similar combo, and enters your email into signup forms. Or has friends who guessed their email address and got it wrong. Or something.
That other person doesn't have access to your information.
No it isn't.. it's firstlast@gmail.com [Dots don't matter in gmail addresses](https://support.google.com/mail/answer/7436150)
> I thought that a Gmail account that was first.last@gmail also allowed for email sent to firstlast@gmail (no period) to reach my inbox as well.
Yes, and you've received email that was addressed like that ... so what's your issue?
> I’ve wondered if this person has access to any of my information?
Yes, because "this person" is you.
Handy tip for software testing - Gmail ignores everything after a “+” in the address. So when you’re testing different accounts in your software you can use <youremail>+1@gmail.com, <youremail>+2@gmail.com, <youremail>+3@gmail.com etc. to create many different accounts in the software that all go to the same email address.
That's not just a Gmail feature. It's part of RFC 5233. See "Subaddressing."
> I’ve wondered if this person has access to any of my information?
No. They have just told someone your email address and that someone has sent you stuff. Anyone can do that, if they dream up your email address. People having the same name are a lot more likely to do that.
Happened to me as well. I was the first one of the 50 people or so carrying my name to register "first[.]last@gmail.com" back in 2004. At least two of my namesakes have since mistakenly used my email address. Some people just aren't very detail-oriented.
I bet this is it.
I have a first.lastname@gmail.com, and my namesake has firstmlastname@gmail.com (with middle initial, and I think they originally created the GMail username without periods).
So, I sometimes receive emails intended for him, by people who saw firstmlastname and think it's firstlastname.
Maybe around a hundred emails so far, over the years.
I've gotten good at telling at a glance that an email is for him, without reading it, and forwarding and deleting.
Fortunately, my namesake is a very accomplished good-guy, so I'm happy to help.
I still control my first name @gmail.com from very early on, but have never been able to put it to use because of the relentless torrent of misdelivered email.
I still own and use mylastname@gmail.com. Yeah I get a ton of misaddressed mail, even some from a relatively famous person with the same last name.
Maybe their email is lastfirst@gmail.com, and people occasionally misremember your address and send your correspondence to them. In that case, yes.
More likely their email address is firstlastnumber@gmail.com or firstlast@otherprovider.com though, in which cases the types of mistakes people make are likely asymmetric.
periods are ignored in gmail addresses so there's no difference between firstlast@gmail.com and first.last@gmail.com
Seems useful. But what I really want is a way to merge google accounts, over the course of history I created 3 of them and would really prefer just a single one
I’m tempted to change from peter.clark@ to something more obscure; i get SO MANY emails directed at other Peter Clark’s, it’s bizarre and makes my inbox unusable.
Huh. I have come to find the information about other tclancys across the world an interesting insight. Plus there was the time I was mistakenly sent a resume to review for a guy applying to become bank president; he didn't get the gig, but it wasn't because of the three or four paragraphs I sent him on spiffing up the thing.
I once got an email — addressed to some other pclark@ — which was simply a photo of a duck and the message “what duck is this?” I was so disappointed that he never thanked me for replying accurately and expeditiously.
There’s a class action suit about g suite free accounts that eventually become not free.
Wonder if this will be used for that at some point
Fun fact, if someone knows your email address and clicks “forgot my password” it sends a push notification to the Gmail and YouTube apps asking to confirm or deny the sign in request. They can click that hundreds or thousands of times per day. I know because it happened to me, so I moved all of my accounts off of the email and deleted my YouTube account. :) peace out Google. Thanks for tolerating a completely insane UI, and not allowing me to turn this setting off. I can’t imagine what it’s like for the elderly who have to navigate this completely enshitified landscape.
I really want unlimited aliases for signing up to sites and tracking who is leaking my data.
I sign up with a different email address on every website. (I have a catchall at my domain, rather than using plus-addressing.)
The results are more boring than you think. Almost no one leaks my address. A couple have been hacked, but almost all of those are widely known. (I did discover one early and help Troy Hunt validate a leak.) At least one Kickstarter campaign has shared my address, as has a local business. But that seems to be the extent of it.
I still do it, because I did manage to catch those things, and because it reduces cross-site correlation. But yeah, there's less skeevy behavior than you might think.
mailbox.org hooked up to Thunderbird allows you to do so using custom domains. You can send and receive email as any string @ your domain.
You can do something like email+site@gmail.com and it'll be delivered to email@gmail.com with the site in the To field
Could this be a sign that Google is starting to think again?
For an organisation that often does deeply intelligent things, they spend such a lot of time treating their users unnecessarily poorly because obvious implications seem not to occur to them.
I think they know about them they just don’t care enough to spend money on fixing them. They are still primarily an ad company today and their users are still primarily the product not customers.
Wow this is massive, but will come down to whether you switch to another existing address you have. That is you have example1@gmail.com and example2@gmail.com. The first one has all your decades of data and second is name you've reserved etc. With handles you can release one and use on another account so hopefully option to do the same. Or if they could just update their account migration to support migrating all historic data that would accomplish the same.
One of my email addresses is {MyNameKP}@gmail.com. “KP” were just random letters I picked years ago and they don’t mean anything. I also own {MyName}@hotmail.com. Someone once asked why I don’t use {MyName}@gmail.com, so I went home to try to sign up for it, but Gmail said the address already exists. I figured someone else had it and might sell, so I emailed them. Gmail auto-replied that the address doesn’t exist. Why can’t I register an address that isn’t there? Who knows ¯\_(ツ)_/¯
an here I am still grinding on a mid-90s iname.com handle
Hah, I had one of those. I paid $50 for a "lifetime email service" that later they wanted me to pay monthly for, so I had to bid goodbye to my null.net address
It's incredible that in 2025, Google has sprung for "basic competency" after operating a bad email service for 24 years.
In my case, many years ago I changed my last name. (Turns out a lot of women also do this when they do things like... get married. But also for a progressive company everyone's purchases being permanently locked to their deadname seems... bad.) But all of my Android apps, my entire digital life at the time, was permanently locked to my old name. I had another account I created as a mail forwarder but if people sent an invite to it for a Google thing it wouldn't connect to my real account, and obviously there was an added security risk of someone stealing my forwarding account.
I remember talking to Yonatan Zunger about this problem during the Google+ era and it seemed to be renaming an account wasn't something the company was capable of.
Terrible idea. Will lead to nothing but chaos
gmail sucks, I'm getting 2-3 spam emails a day, am I the only one?
I never really had this issue because I used Google Suite with a domain. (That’s what it was called back then.)
So I can have email aliases under that domain, and even choose the alias for outgoing email.
However! This creates an extra security hole. Once I was SIM-swapped (when the attacker calls up a phone company and convinces them to redirect sms to their SIM). I had used it as a second factor at GoDaddy and had to act fast. GoDaddy had already allowed the attacker to authenticate with the sms (dumb!) and port the domain name. I realized what was happening only because the attacker sent “test” emails to my email at the domain. Had they not done that, I might have been none the wiser. I called GoDaddy and got them to cancel it, thankfully. Otherwise they’d have reset passwords armed with email AND phone number.
Since then I use the non-SMS SECOND FACTOR on most services, as NIST had been recommending for a decade now.
I personally recommend using a username+alias@gmail.com which gmail and others support, with a different but easy-to-remember alias per site, so social attackers can’t even correctly say your email to the dude on the phone.
Michael Terpin, a guy I know, got $27 million dollars in crypto stolen a decade ago by a SIM Swapper and sued AT&T for it. Not sure if he won… he moved to Puerto Rico to avoid taxes and brought Brock Pierce and other crypto bros with him LOL.