Ubuntu Forums Get Breached, 2 Million Users/Emails/IPs

#21
Originally posted by ssokolow:
    That's actually what I've been doing for a while now... though it began more as an anti-spam measure. (I give each site an e-mail alias which can be revoked like an API key if it leaks and, because they're all unique, I can tell exactly who got compromised.)

I was thinking more about having a whole bunch of different domains and having the password manager fetch a new random email address on a random subdomain of a random domain and having that simply forward onto your primary account.

If you are going to have all your eggs in one basket (password manager) you may as well go whole hog!


#22
Originally posted by boxie:
    I was thinking more about having a whole bunch of different domains and having the password manager fetch a new random email address on a random subdomain of a random domain and having that simply forward onto your primary account.

    If you are going to have all your eggs in one basket (password manager) you may as well go whole hog!

I have my own domain. I outsource my email to Tuffmail, https://www.tuffmail.com/. Tuffmail gives me a single box with a certain amount of storage. I can create as many email addresses as I want and they all go into that box. If I start getting spam I just check the headers and see which addresses got compromised. If an address gets spammy I can delete it and make a new one. Tuffmail truly has one of the most amazing spam control features ever. I have never got spam on my real address. My Ubuntu Forum email address is ubuntu-forums@domain. Who cares if it gets into the hands of the hackers? It's fake and not monitored.


#23
Time to use OpenBSD...


#24
And why not use a decentralised forum, like RetroShare? It's more hack-proof.


#25
Originally posted by boxie:
    I was thinking more about having a whole bunch of different domains and having the password manager fetch a new random email address on a random subdomain of a random domain and having that simply forward onto your primary account.

    If you are going to have all your eggs in one basket (password manager) you may as well go whole hog!

That'd require paying for multiple domains for what may be overkill. I'd rather stay with a single top-level domain and make time for my planned milter script, which will allow me to make multiple e-mail addresses fully transparent by maintaining an SQL table of valid From<->To mappings, modifying outgoing From addresses and incoming To addresses, and validating the From addresses on incoming mail after To has passed SPF checks.
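The per-site alias idea in #21/#22 and the mapping-table milter planned in #25, sketched as an added Python example (not code from any poster): an SQLite table of alias to issuing-site mappings, a rewrite of outgoing From and incoming To, and a From check on incoming mail that tells you which alias leaked. The addresses, domains and table layout are constructed assumptions.

```python
import sqlite3

# Constructed example data: one real mailbox and one alias issued per site.
REAL_ADDRESS = "me@example.org"

def make_alias_db():
    """In-memory SQLite table of alias <-> issuing-site mappings (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE aliases (alias TEXT PRIMARY KEY, site_domain TEXT NOT NULL, "
               "revoked INTEGER NOT NULL DEFAULT 0)")
    db.executemany("INSERT INTO aliases (alias, site_domain) VALUES (?, ?)", [
        ("ubuntu-forums@example.org", "ubuntuforums.org"),
        ("shop-a1b2@example.org", "shop.example.com"),
    ])
    return db

def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower()

def rewrite_outgoing_from(db, mail_from, rcpt_to):
    """Outgoing mail: swap the real From for the alias issued to the recipient's domain."""
    if mail_from.lower() != REAL_ADDRESS:
        return mail_from
    row = db.execute("SELECT alias FROM aliases WHERE site_domain = ? AND revoked = 0",
                     (domain_of(rcpt_to),)).fetchone()
    return row[0] if row else mail_from

def classify_incoming(db, mail_from, rcpt_to):
    """Incoming mail (run after SPF has passed): map the alias To back to the real mailbox
    and check that From belongs to the site the alias was issued to.
    Returns (action, rewritten_to) where action is accept, flag or reject."""
    row = db.execute("SELECT site_domain, revoked FROM aliases WHERE alias = ?",
                     (rcpt_to.lower(),)).fetchone()
    if row is None:
        return ("reject", rcpt_to)       # never issued: nothing legitimate can arrive here
    site_domain, revoked = row
    if revoked:
        return ("reject", rcpt_to)       # alias leaked earlier and was revoked like an API key
    if domain_of(mail_from) != site_domain:
        return ("flag", REAL_ADDRESS)    # someone other than the issuing site has this alias
    return ("accept", REAL_ADDRESS)

def revoke_alias(db, alias):
    """Revoke a leaked alias; later mail to it is rejected."""
    db.execute("UPDATE aliases SET revoked = 1 WHERE alias = ?", (alias.lower(),))
```

Real sites mail from several domains (transactional senders, outsourced newsletters), so the "flag" case should deliver and mark the message rather than drop it; the signal you want is which alias showed up in unexpected hands.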


#26
Originally posted by Up123:
    Definitely not.

    They should really consider outsourcing their forums.

It started out as a completely independent entity. Then Canonical eventually took it over.


#27
Originally posted by Dick Palmer:
    Doesn't strike me as that bad... "No passwords were compromised" so presumably they had appropriately salted/hashed and/or segregated authentication in place...

With modern hardware (a very fast GPU or dedicated FPGA) and a modern approach (using patterns and probability in addition to classical dictionaries and mods to brute force, instead of stupidly using sequential combinations like 'AAAAA', 'AAAAB', 'AAAAC'...), even salted/hashed passwords aren't really a challenge.

The only real valid challenge:
- using a proper KDF (key derivation function) like PBKDF-2, or even better Scrypt or Argon2, instead of simply hashing with SHA-1 like everyone else is doing.
(SHA-1 / SHA-2 / SHA-3 are designed to run as fast as possible with as little resource as possible, so they can be used on hardware like even smart cards.)
(KDFs are designed to be intentionally slow - PBKDF-2 uses a variable number of rounds - and intentionally resource-hungry - Scrypt and Argon2 have a second parameter selecting a variable buffer of RAM, making them inappropriate for cheap GPU/FPGA acceleration.)

So either:
- the passwords are protected with Scrypt or Argon2
(and better: the passwords are appropriately segregated in a different place)

- or they are completely underestimating modern cracking possibilities.

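The contrast the reply draws, a fast salted hash versus a memory-hard KDF with tunable cost, shown with Python's standard library as an added example that is not code from the thread. The scrypt parameters, the self-describing record format and the rehash check are assumptions chosen for illustration, not a recommendation for any particular site.

```python
import hashlib
import hmac
import os
import time

# Current cost parameters (constructed example values): n is the CPU/memory cost and r the
# block size; scrypt needs roughly 128 * n * r bytes of RAM, i.e. 16 MiB per guess here.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1

def hash_sha1_salted(password, salt):
    """The fast-hash design the post criticises: one cheap SHA-1 call per guess."""
    return hashlib.sha1(salt + password.encode()).hexdigest()

def hash_scrypt(password, salt=None):
    """Return a self-describing record so the cost can be raised later without a password reset."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${salt.hex()}${dk.hex()}"

def verify_scrypt(password, record):
    """Recompute with the parameters stored in the record and compare in constant time."""
    parts = record.split("$")
    if len(parts) != 6 or parts[0] != "scrypt":
        return False
    _, n, r, p, salt_hex, dk_hex = parts
    dk = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                        n=int(n), r=int(r), p=int(p), dklen=32)
    return hmac.compare_digest(dk.hex(), dk_hex)

def needs_rehash(record):
    """True when any stored parameter is below the current setting (rehash on next login)."""
    _, n, r, p, _, _ = record.split("$")
    return int(n) < SCRYPT_N or int(r) < SCRYPT_R or int(p) < SCRYPT_P

def cost_ratio(guesses=10):
    """Wall-clock cost of `guesses` scrypt evaluations relative to salted SHA-1: the defender's margin."""
    salt = os.urandom(16)
    t0 = time.perf_counter()
    for i in range(guesses):
        hash_sha1_salted(f"guess{i}", salt)
    sha1_time = time.perf_counter() - t0
    t0 = time.perf_counter()
    for i in range(guesses):
        hash_scrypt(f"guess{i}", salt)
    return (time.perf_counter() - t0) / max(sha1_time, 1e-9)
```

The ratio reported by cost_ratio() is what an attacker pays per guess on a CPU; the RAM requirement is what keeps cheap GPU/FPGA parallelism from recovering that margin.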


#28
Originally posted by rockworldmi:
    Time to use OpenBSD...

OpenBSD's core is VERY secure. However, IIRC they don't do code review on 3rd-party packages, e.g. the KDE stuff.


#29
Originally posted by Amarildo:
    You've been wondering all alone, I presume, Mr "Nomad".

I see what you did there.
I guess no one cares about great philosophical questions anymore...
