Really assessing likelihood is just part of a larger risk assessment how you manage, store, and backup your data It's worth segregating out the risk here into:
- What can easily be backed up and restored (eg. email, calendars), and so loss of access is easy to tolerate
Email, Calendars, etc can generally be dumped pretty easily using LDAP, CalDAV, whatever in a cronjob and saved locally. Drive data can obviously be synced off too. The value here is pretty low and it's pretty easy to do.
- The value of the email address itself (ie. if you need to go change a hundred accounts using it for signing in vs just change the MX record and send to a different provider)
This is the argument for a custom domain that you own with a different register, and have different DNS hosting, so you can keep it segregated and send email anywhere. You could move to Apple, Fastmail, etc with a custom domain pretty quickly.
Some sites will also send you an email to both old and new email and require hitting links you might not have access to if you lost email, or use email for 2FA. eg. Steam using SteamGuard which is all email based. Losing a large Steam library after losing a Gmail account would be horrible.
- The value of other account using federated GSuite sign-in. It's horrible to lose Google, but then also lose all the sites using it.
A strong argument not to use federated accounts and always use email/password (2FA obvs). 1Pass FTW.
None the above advocates for a specific provider, but personally I'm a fan of Fastmail. Not only because it's ad-free and paid for, but also because they advocate for stronger privacy practices, eg. random emails for accounts in partnership with 1Pass. I know you can use + addressing in Gmail but some providers and spammers detect and handle it. Truly random forwarding Ala Apple and Fastmail is better. Although, also, harder to move away from as you can't redirect those. I use Fastmail's domain and user forwarding. eg. service@service.mydomain.com forwards to my personal email.
- What can easily be backed up and restored (eg. email, calendars), and so loss of access is easy to tolerate
Email, Calendars, etc can generally be dumped pretty easily using LDAP, CalDAV, whatever in a cronjob and saved locally. Drive data can obviously be synced off too. The value here is pretty low and it's pretty easy to do.
- The value of the email address itself (ie. if you need to go change a hundred accounts using it for signing in vs just change the MX record and send to a different provider)
This is the argument for a custom domain that you own with a different register, and have different DNS hosting, so you can keep it segregated and send email anywhere. You could move to Apple, Fastmail, etc with a custom domain pretty quickly.
Some sites will also send you an email to both old and new email and require hitting links you might not have access to if you lost email, or use email for 2FA. eg. Steam using SteamGuard which is all email based. Losing a large Steam library after losing a Gmail account would be horrible.
- The value of other account using federated GSuite sign-in. It's horrible to lose Google, but then also lose all the sites using it.
A strong argument not to use federated accounts and always use email/password (2FA obvs). 1Pass FTW.
None the above advocates for a specific provider, but personally I'm a fan of Fastmail. Not only because it's ad-free and paid for, but also because they advocate for stronger privacy practices, eg. random emails for accounts in partnership with 1Pass. I know you can use + addressing in Gmail but some providers and spammers detect and handle it. Truly random forwarding Ala Apple and Fastmail is better. Although, also, harder to move away from as you can't redirect those. I use Fastmail's domain and user forwarding. eg. service@service.mydomain.com forwards to my personal email.