[itake]

I personally like the idea that my bank account has a completely different email and password then any other account.

In theory, criminals don't know where to even try to exploit/phish.

[makeitdouble]

Yes. BTW I still do that, but with a single address, username+myonlinebank@domain.com style. It was easier when I need to give them my email again on the phone or in other circumstances, they can see it's just the same with extra bits.

[itake]

My issue is if username+ecommercewebsite@domain.com leaks my account login: username@domain.com as the + is a known feature. If they are able to access username@domain.com, then they would be able to access password recovery for my bank.

With a separate finance account, even if they figured out how to access my primary personal email. There is still an air gap with my financial accounts.

[dfc]

I tried this route at first. There are enough stupid forms that reject VERP addresses that it's easier to just use different recipients.