> As a consumer, I suspect hosting a "holding" domain, and possibly email, with AWS Route53 DNS might be a sensible approach that wouldn't break the bank.
This is what I do.
Totally isolated AWS account that owns `my-account-recovery.com` in my country-code TLD (because I have legal rights and strong and easy access to appeals processes with that, so unlikely the domain could be wrestled from me and likely I could eventually regain ownership if lost).
I use Amazon SES for incoming email to simply drop all incoming messages as objects in a S3 bucket.
I have SNS notifications going out to my regular operational email whenever a new message comes in with the metadata (sender, subject, etc but not the body as that could contain actual reset/account recovery links) so I can keep an eye on what's coming in.
Haven't looked at my bills lately, but including domain renewal and stuff this is maybe $100/yr to establish this as a root of trust/access. Even if other accounts are breached/suspended/etc, I will still have access to this account and can recover my way down from there.
I'm putting all my eggs into the AWS basket here, but I've had a good experience with them in the past and I really can't find any examples of people being locked out of their accounts in the same way I can with Google. And I know from experience that it's not impossible to get in contact with a real live person when it's required to resolve an issue.
This is what I do.
Totally isolated AWS account that owns `my-account-recovery.com` in my country-code TLD (because I have legal rights and strong and easy access to appeals processes with that, so unlikely the domain could be wrestled from me and likely I could eventually regain ownership if lost).
I use Amazon SES for incoming email to simply drop all incoming messages as objects in a S3 bucket.
I have SNS notifications going out to my regular operational email whenever a new message comes in with the metadata (sender, subject, etc but not the body as that could contain actual reset/account recovery links) so I can keep an eye on what's coming in.
Haven't looked at my bills lately, but including domain renewal and stuff this is maybe $100/yr to establish this as a root of trust/access. Even if other accounts are breached/suspended/etc, I will still have access to this account and can recover my way down from there.
I'm putting all my eggs into the AWS basket here, but I've had a good experience with them in the past and I really can't find any examples of people being locked out of their accounts in the same way I can with Google. And I know from experience that it's not impossible to get in contact with a real live person when it's required to resolve an issue.