Re: We encourage all customers not to use the same password for multiple sites
This is easily fixable, but only if websites support it.
rather than use: email@example.com, Where websites support it, I use firstname.lastname@example.org (I think you can use underscore to perform the same task)
I started originally using email@example.com but realised that was easily exploitable.
Of course, you can use a password manager and different password per website too to reduce to attack surface even further
Of course, you all know this, but...