I think a prefix or suffix has the problem that it is possible to easily grind collisions, if the prefix/suffix is not sufficiently long enough. See all the vanity addresses we have, for example for chai (to fit less bytes for condensing the gastoken), and ENS and the deposit contract, which have a lot of leading zeroes. The XOR idea works well for new contract creations, but I’m not convinced it is viable for EOAs (or even for commitments to CREATE2).
What happens if someone used a conflicting address as a commitment (for example in counterfactual) already? If we start introducing address restrictions, these old, but currently valid, commitments are broken. (Unless we introduce some kind of translation/exception fallback for these cases 
)
If there was the requirement that an account is only valid if it exists in the state (such as in EOS), then it would be “easy” to enforce new rules.