I care. I use a generated email address at my domain for every account/service/website. I store the account info in keepass, they all have generated passwords too. I can see when email comes in who abused the email, was compromised, or sold it. If an email starts getting spam, i block receiving to that address. if desired, I update the account to have another generated email, but usually if I'm getting spam to that email I don't want to do business with them again.

Yes, I’ve done this for years. And to be honest, I don’t think I’ve ever “caught” a business sharing a service when they shouldn’t have. Makes me question why continue to do it.

Fastmail offers per-service generated addresses. I think it's kind of fascinating to watch my email address that went solely to my local credit union start sending me spam somewhat related to my employer.

Yes every service gets a custom address.

It's also interesting that some services don't allow [email protected] for registration. (Can't remember which)

Sure do - though I have my own domain, so I don't need subaddressing. If some address gets compromised, I just set it to bounce.

The important detail is to add random nonce/salt to the generated email, like _jri68, so that it's not guessable, so it's provable that the database was compromised. Guessing [email protected] is believable, but guessing [email protected], is not.

[dead]