2FA annoys me, I find it irritating to have to grab my phone just so I can type in some random code I receive on my phone. First thing I do when I get home is to put it on silent mode, and have it with my car keys, wallet and passport in the kitchen. Besides, I would go far to not put my phone number online, those I want to have it, I personally give it to.
In essence, don’t put anything online in any form, if you don’t want the world to see. The passwords I use won’t get cracked any time soon seeing they are 30+ characters, if it’s a service I care about or really need.
I don’t use any login with Google, Microsoft, Apple and several others, since my data is, well, mine. If the companies want it, they’d have to pay me. Since I’m not interesting enough for them to mine data on anyways, so nothing would ever change on that matter.
I will never use a single service to store my passwords in a single place, that is in my opinion, to put it nicely, beyond stupid. Instead, remember them or write them on a piece of paper in your home. For a hacker to get them, they’d have to know where you live. Which is less likely than “single service password storage” getting hacked.
I do consider 2FA better than not for some things, it’s all about making it just a bit more cumbersome for a hacker to get in than its worth for them to spend time on you. Therefore, by adding a small personalized step along the way, they will go for someone who does like everyone else.
At the end of the day, nothing is safe from a determined hacker. So make yourself invisible, lean back, have a beer and watch everyone else getting phone calls from India pretending to be Microsoft and consider what value the shared data has, if leaked, before you hit enter.