Quoted from avspin:I have an app on my android phone, ipad, laptop and desktop. I can also log into it remotely. All synced.
And all vulnerable to attack from anyone on the internet.
Minimize the information you provide. Use bugmenot to log in places that demand an account but provide no value to having one.
It’s an impossible problem at the moment. If you’re diligent about not re-using credentials you have too many accounts to remember. If you use a password manager you’re vulnerable because you have to sync the password database across multiple devices.
Hardware tokens are great but not supported everywhere and only as secure as the reset process that usually will involve tricking a human. Still worth having them. Yubikey https://www.yubico.com/ and Onlykey https://onlykey.io/ are good options. Search for hardware token, lots of choices.