Oh. And while I remember, and seeing as my insomnia is being a bitch tonight.
Single factor Auth bad. Multi factor Auth good. With MFA even if you have my password, unless you have my second factor you're not getting in.
SMS second factor sucks, it's too easy to take over someone's number. But tools like Google authenticator are great. Even better is a yubikey. I cannot recommend enough how much a physical token like a yubikey can improve your security.
I have several[1], both for work and personal use. They aren't cheap. About €50 a pop, but the security improvement they provide is incredible.
Stop reading yacf, and go enable multi factor authentication everywhere you can. (Google, twitter, Microsoft, Instagram, etc... they all support some form of mfa).
J
[1] in fact it's a good idea to have a primary and a backup yubikey, so even if you lose one, you can use the backup to reset everything and disable the one you lost. Keep it in your safe, you do have a safe right?