Assuming an email compromise is catastrophic, as pointed out earlier in this thread, one might as well use a password manager, which allows for maximal password strength, possibly 2FA, total control over the password database, etc.

I didn't mean to imply that this was worse, only that it doesn't really change the threat.