So I use two-factor authentication on every bitcoin site where I have bitcoin stored. I also use password generators like this:
http://www.random.org/passwords/Should I still be worried? Are there any known incidents of people's accounts still being compromised? Anything else I could do to protect myself?
Depends on the two-factor authentication type. If email, it is not enought.
I'm using Google Authenticator. I also printed out the QR codes used to register at each site in case I lose my phone.