In a nutshell, [after reading all the above posts] I would say some steps are necessary to secure accounts:
- Strong password: should be as strong as possible, lower & upper case, letter, etc. And, the account's password should be totally different from any other accounts on other platforms (in the case of using the same email for different platforms).
- 2FA for the email that is used to register the forum account;
- Strong antivirus software, and keep it always updated.
- Staking a bitcoin signed address in the forum;
- Keeping the wallet (on computers) as safe as possible.
All those four steps are essential and enough to secure accounts, in my opinion.
I remember that I read a topic from a Hero/Legendary who got their account back almost immediately after getting the email notification.
When I see the topic again, I will leave the link here.