In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)
Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.
I used to do this, but then why revealing even my domain. I have bitwarden integrated with simplelogin, and I get service_garbage@aliasdomain.tld
This way I can easily filter with prefix matching (if I want to), but don’t reveal anything at all about me. Also much easier to be consistent, block senders etc. Plus, I can send emails from all those addresses if I ever need (e.g., support).