I haven’t seen anything like this that I figure out and think will add a layer of security. I have my iCloud.com email for everything. However, I use an alias instead of the main account. This way, if a webpage is hacked, they get an email but will not get into iCloud.com even with password and hacking 2 factor since is an alias and for Apple you are not able to login with it. I will recommend this to all of you.
This is done on test I have done, please let me know your opinion and thought about this.
Good idea, its not perfect but defenately a big step forward. Most importantly use the 2FA!
For signing up on random places or when an email is “required” to access a certain website I often use a temporary email address that vanishes after 10 minutes enough time to receive the message to activate the account
If you buy a domain and host it on FastMail you can set up a catch-all alias (simply use a * when setting up the alias). Anything you send to that domain will work, so you have virtually unlimited aliases. I do the same so any phishing email I receive immediately looks wrong because I know that my Apple ID does not equal my email address.