Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Do I Really Need a Recovery Email?

Yes. Yes, you do.

Alternate email addresses are an important security setting that can allow you to regain access to your account if it's hacked or you forget your password.
Add Alternate Email Address
Question: OK, I’m confused. How does the recovery email on Google work? Where do I get the messages? Do we really need a recovery email?

Yes, you need a recovery email for every account that offers the ability to set one.

Recovery email is one of those concepts that is easy to take for granted and assume everyone understands. Even if you do, you might want to review the concepts and ensure that the recovery email addresses you have are set up properly.

Become a Patron of Ask Leo! and go ad-free!


Yes, you need a recovery email

Recovery email accounts are separate email accounts you configure to give your primary accounts another way to contact you. Your ability to receive a recovery code on your recovery account proves you are you and should be allowed back into your primary account should you ever be denied access. Make certain to keep your recovery account up-to-date and access it periodically to ensure it’ll be there when you need it.

You need another email account

My example will set up a recovery email address for your Gmail account, but this concept applies to any email account anywhere. It also applies to any non-email service that takes an email account as a recovery or alternate email (like social media accounts, for example).

You start by creating (or using) a second email account.

For example, I have a Gmail account, If I want to set up an alternate email address for that account, I’ll create a new email account somewhere else. In my case, that’ll be

I now have two separate email accounts:

  • The original account — — the one for which I want to specify an alternate email address.
  • A second account — — the account I’ll use as the alternate email address for the original one.

So far, they are completely independent of one another. I can send and receive messages using either. I sign into to access one and for the other.

Setting the alternate

This varies depending on which service you’re using, but for Gmail, visit, look for the section “Ways we can verify it’s you”, and then click on Recovery email.

Gmail recovery email form.
Gmail recovery email form. (Screenshot:

Enter your other email address: the second account that you intend to use as the recovery account. In my case, that’s Click on Next.

You’ll be asked to enter a verification code.

Form to enter a verification code.
Entering a verification code. (Screenshot:

The primary account — my account — has sent an email with a security code to the recovery account I’ve specified. This is to make sure you didn’t mistakenly enter an invalid account or an email address belonging to someone else, and you can actually access that recovery account.

Now, go visit the inbox for that other account. In my case, that means I open for my account. Sure enough, there’s a message in that account’s inbox with a code.

A recovery or verification code message.
A recovery or verification code message. (Screenshot:

Enter this number received on the second, alternate account, into the box that was presented by the first, primary account, and click Verify.

You’ve now told the primary service (Gmail) that this other account (on is also yours.

In my case, I’ve now set up as my alternate or recovery email address for my account. The Gmail servers can now reach me at my address as well, because I’ve set it up and said, “Yep, that’s me too.”

Using the alternate

Ok, great, you’ve got an alternate or recovery email address set up with your account. When would you use it?

When/if you can’t log in.

Your password isn’t accepted for whatever reason. Perhaps you don’t remember it, perhaps a hacker or someone else changed it, but regardless of the reason, you can’t log in.

Then you use the “forgot password” link to begin the account recovery process.

The forgot password link.
The “forgot password” link. (Screenshot:

For most services, this begins a process to confirm you are the rightful account holder and should be allowed to set a new password and regain access to the account.

One way the service does this is by sending a code to your alternate email address, much like they did above when you set it up.

To receive the code, you sign in to that alternate email address. In my case, if I were having problems signing into my Gmail account,, I would go to and sign in to my account to find the message with the recovery code in my inbox there.

Your ability to receive this code at that email address proves you are who you say you are because when you set up the alternate email address, you effectively told the service, “This is me, too.”

Enter the code you received, and the service knows it’s you. Generally, it then allows you to specify a new password.

Reciprocating alternates

At this point, you have two email accounts. In our example, one Gmail account has another, a Hotmail account, set as it’s alternate.

For security’s sake, that Hotmail account should have an alternate email configured as well. The process is similar.

But you don’t need to get a third email account.1 It’s fine to:

  • Set the second account as the alternate for the first, as we did above.
  • Set the first as the alternate for the second.

That way, either account can be used to recover the other should you have problems later on.

The only time this becomes an issue is if you’re having problems with both accounts at the same time. As long as you regularly sign in to each, the chance of this happening is low.

Choosing an alternate

You’ll notice that I’ve explicitly chosen two different email addresses on two different services: Gmail and (aka Hotmail). This is on purpose.

You could, however, have both your primary and alternate email addresses be two different Gmail accounts.

I prefer (and recommend) having alternate email addresses be on completely different services for an additional layer of protection against system-wide issues. For example, if something prevented you from signing in to any Gmail account — perhaps because you’re travelling or some other cause — then having an account on a completely different service stands a higher chance of allowing you to recover the account.

The choice is yours, and it’s more important to have an alternate — any alternate — than no alternate at all. But while you’re at it anyway, choose a separate system.

Maintaining the alternate

I mentioned above that as long as you regularly sign into both accounts, you’re unlikely to have a situation where both fail at the same time.

It would surprise you how many people fail to do this. They spend their lives in their primary account and completely ignore their alternate. Some time — often years — later, when they need the alternate, it’s no longer available. Or they’ve forgotten the password. Or there’s some other hurdle preventing its use.

Sign in to your alternate email address account periodically. Once a month works well, just to make sure it’s still there and ready for you.

Do this

Set up and maintain an alternate email address for every account you can.2 Make sure you continue to access that account periodically, even if you never use it for anything else.

One thing you might do with it is subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio


Footnotes & References

1: Unless you want to, I suppose.

2: Some even allow you to set more than one for even more security.

2 comments on “Do I Really Need a Recovery Email?”

  1. I have 4 recovery email addresses and a phone number for all my accounts. Leo’s biggest push is to get people to back up. As with system backups, there’s no such thing as too many backups.

    The article mentions It’s no longer possible to open a Hotmail account. The only available Microsoft mail domain is I highly recommend because it offers a recovery code which should bypass regional blocking and recover lost accounts. I have my recovery emails

  2. I added my recovery email accounts to Thunderbird (IMAP) – that way, I don’t have to specifically remember to log in to maintain accounts that I otherwise never use.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.