Continuing on rfrazier's comment of "vendor/use/account specific" e-mail use. It seems he and I are very close to the same in setup. While I create specific "forwarder" class e-mail addresses for accounts, there is a feature that's becoming more popular that can help others who are not controlling their own e-mail system - "
Plus Addressing". Google/gMail and perhaps others support the feature (cPanel sites look to offer it, Microsoft might too). It can be used to create a unique, use-specific e-mail addresses "on the fly".
With gMail one simply adds a plus sign and some desired text between the username and the @ sign when needing to enter an e-mail address on a form.
Sample@gMail.com could then be
Sample+LastPass2023-01@gMail.com
The custom e-mail address is what would be used for any interaction with Lastpass (the address listed on the LastPass account). Only LastPass and you (and any e-mail system between LastPass and You) should know the custom e-mail address. Any hacker would not likely know that specific address used for your LastPass account. gMail drops any message with a "Plus Address" into your "Sample@" e-mail account. You can, if you choose, use filters to direct messages with a custom address to a specific folder.
When I create account specific addresses I use the company or account name and the YYYY-MM format. This gives me easy identification of where the address is used and when it was put into effect. In normal use every e-mail arriving to me under a specific address should be FROM the entity with the name in the address. Should a message arrive, not sent by that FROM entity - I know the address was compromised and where I need to go to change/update the account with a new e-mail address. The new e-mail address will use the current YYYY-MM date format. That date format also tells me how long the address was in effect with no known compromise and gives a little bit of "random" to the address. The old address is deleted from my forwards list - or in the case of plus addressing, a rule/filter is created to send messages to that compromised address to the trash (once the account that used it is updated with a new address).
Bottom line, using custom addresses is a wonderful and not overly difficult way to manage spam (and give some extra security for login hackers). For those not able to create forwarder addresses on their mail server, PLUS ADDRESSING is an easy and effective alternative.
Addendum:
Much like Steve uses year specific addresses, I started doing the same 2022@; 2023@, one could do the same with Plus Addressing -
Sample+2023@gMail.com and send any "one time use [raffle sign-up entry form, etc] " messages to the year specific address. Come February the next year, I discontinue the prior year custom address.