I'd like to add to this.

2FA is better than nothing, but there are various forms of it:

- SMS authentication is the least recommended 2FA option as a hacker could find a way to take over your mobile (cell) phone as part a SIM swap.

- Use a third-party authenticator app (Duo, Google Authenticator, FreeOTP): This should be the bare minimum for everyone, as these produce randomly-generated one-time codes every 30 seconds.

- A physical security key (e.g. Yubikey) is the safest bet here, as it is (almost?) impossible for a hacker to remotely compromise one of these physical devices.

Someone would need to literally steal this from you to bypass the 2FA with this tiny device.

To reiterate, any form of 2FA is better than nothing. Ideally, you should set up multi-factor authentication (MFA), though this could be deemed overkill for some basic logins.