Probably about 10-12 years ago I almost exclusively used +emails so I could determine with pretty high confidence who had breaches and failed to disclose OR identify companies that had sold my data without disclosure. One of the most recent examples was Robinhood Holdings. +emails only got me so far as 50% of sites don’t properly support the RFC5233 subaddressing standard and it ended up being a massive pain when a sign up page accepts the plus sign, stores an improperly escaped version of that and then you can’t login or never get the verification email.
Fast forward to 2021, apple released hide-my-email which I use practically everywhere which forwards to a burner email just in case. Every site gets a unique email, password, two-factor. I’ll never have 0 risk but this limits my exposure so much it lets me sleep at night. I only provide real information if absolutely required by law.
Fast forward to 2021, apple released hide-my-email which I use practically everywhere which forwards to a burner email just in case. Every site gets a unique email, password, two-factor. I’ll never have 0 risk but this limits my exposure so much it lets me sleep at night. I only provide real information if absolutely required by law.