by xqoiu 1643 days ago
"Don't reuse email addresses" should become as common advice as "don't reuse passwords."

Buy a domain and set up a catch-all email address, use a unique one for each service. Alternative options exist as well (Apple's "Hide My Email", for example).

Don't do the "add a plus sign at the end of your username to create unique addresses" thing. You still have a single point of failure and it causes weird bugs in poorly designed email address validation.

3 comments

How is setting up a catch-all more secure in terms of account takeover? All the emails still go to one mailbox.

The only benefit is that when a website decides to sell your data or leak it, you know who is to blame and you can block that one e-mail they send the spam to.

Security without convenience means users will forfeit security for convenience.

Password managers offer convenience for "don't reuse passwords". You want "don't reuse emails" to become the norm? Implement a tool that removes all the hassle.

1Password now has exactly this implemented with Fastmail integration. You can generate a new email just as easily as a password when you make an account.

That only helps if you actually use different passwords for all those different email addresses.