Coderrob brand logo Coderrob

Hi, I'm Rob—programmer, Pluralsight author, software architect, emerging technologist, and lifelong learner.


Not all dots are created equal... especially in your Gmail address


Tue, 03 Sep 2024

Here’s a quick heads-up that might save you some serious headaches.

Gmail doesn’t treat dots in email addresses as unique. Whether your address is john.smith@gmail.com or jo.hn.smith@gmail.com, if it has a dot a copy of ALL your email gets sent to johnsmith@gmail.com too.

A very close family member learned this the hard way when their identity was stolen. Someone registered a non-dotted version of their email, and it went unnoticed for a while. The result? Credit card fraud…

Gmail’s handling of dots is a well-known trick for creating test accounts—using special characters like dots or plus signs (e.g., j.o.h.n.s.m.i.t+h@gmail.com)—it all still funnels back to the same inbox.

NOTE: If you are feeling “seen” right now, go register the non-dot version of your email, and if it’s already registered, well, fist make sure it wasn’t you in the past, but at this point I’d strongly recommend creating a new email account.

That’s great for testing, but not for your security. If you use a dotted email address, you might not realize who else could be receiving your private emails.

This is just a friendly public service announcement to keep your email security in check.

TIP: Talk to your family about password managers.

ADDED GRATUITY: Check if your email has been Pwned => https://haveibeenpwned.com/