Just a quick note regarding 2FA on exchanges: while it is very important to add in my opinion, we must also be wary about the security of the 2FA itself, keeping the backup codes for every exchange we protect with 2FA (and better still, use Authy as a 2FA due to it’s backup capabilities).

Recently I encountered a case on my local board of a person who has 2FA all around, and had his phone stolen. He didn’t have the backup codes to each 2FA protected exchange, and spent many hours trying to remove 2FA on each exchange/site and reinstall it with his new phone. One exchange in particular is a real pain: Hitbtc. The security measures are really high when it comes to trying to disable 2FA after a theft/loss, and you need to prove a bunch of things: IdCard, photos, videos with written specific text, Hash of TXs that served to load assets onto Hitbtc (this can be quite difficult to retrieve), a lot of headaches and time, and the issue is still ongoing after weeks.

In summary: Activating 2FA on exchanges is a yes, but extra care of keeping the backup codes.