If you use aliases for all services, it makes it slightly harder to automate trying one leaked email on another site, since the hacker needs to add the new alias on the other service.
No one is going through of all these credentials manually, so any extra obscurity can actually bring you security in a pinch. Although if you have different passwords this shouldn’t matter much…
If there’s one thing I’ve always been wary of, it’s the password manager browser extensions. And I’ve been proven right. Don’t be lazy, it takes 30 extra seconds to do it manually.
Pishing detection is nice though, I’ll admit.