I find it hard to believe that most people on HN reuse the same e-mail and password. That practice has always been known to be stupid. There's a whole thing about it in the movie Hackers... from 1995.
In 2022, your data isn't safe. It's widely known your data isn't safe. You need to take steps to make it matter less when its mishandled.
Don't get me wrong, the Plex infra team should feel bad about themselves, but if this breach in anyway compromises anything else in your life other than your media center -- and if your hashed password gets cracked -- then that's on you in my opinion.
What's the best way to use unique emails. I get that Apple has the 'Hide my Email' feature but it's not clear to me how to best use it, especially outside of Apple ie. Where do I find a list of emails that it's created for me and what they were used for.
Temporary email services don't seem helpful either if you need to go through password reset processes or receive emails after the address has been removed.
Do people just use use custom domains with catch all addresses? Is this really the best way?
Plus, even if my password isn't exposed, I don't appreciate when my email address is exposed, or I have a username able to be linked to an email address.
Now, should I have been smarter and used a burner email address and username unique to Plex? Definitely. But I signed up with them like 10 years ago.
Because most people reuse the same email address and password, and are potentially way more exposed than you are.