We had a shared address for years (for our dog). About five years ago we registered a new domain, cleansed the domain registration of any identifying information tied to us, and set it up on a shell account. The shell mail setup allows addresses to be “delivered” to multiple mailboxes, so we each have our own mailbox, and there’s a third “archive” mailbox that gets all mail as well. We don’t use catchall forwarding, instead have addresses along the lines of @example.com and some generic ones like “pets@example” and “cars@example”. Also gets around badly written apps that reject something-something@example.com or something+another@example.com addresses.

The logins for the mailboxes are 20+ character userids with 60+ character passwords. If/when they set up MFA I’ll add that as well. If/when “autos@example.com” shows up in a password dump, that’s useless to try logging into the mail service as the userid to log in is something like u9mszjddlwyufhud0jooxhijk1gmxyxc@example.com.

We explicitly didn’t want our banking, car, mortgage, etc emails going into our regular email, so I block retrieval from Google.

Zero consideration about what happens if we divorce. More consideration about what happens if one of us is incapable of providing login information for household accounts (we’ve both had to deal with estate issues when the deceased didn’t write down any login information, as was “good password practice”).

Passwords and other sensitive information are shared in a paid password manager.