A scenario that should be practiced based on other people's experience is to use GA on a device that is not connected to the internet. That will provide a good level of security because I know hackers won't be able to do anything as long as the device is not connected to the internet. But I'm sure not many people have done this so far.
Really shocked. How peoples would save their funds where even Google 2FA could steal from the device? If using mobile phone verification then it's also could be stolen with the help of operator helps.
I know that some of us are people who do a lot of CTRL-C and CTRL-V when using code from GA. It reminded me of the @LoyceV thread of how someone loses bitcoin just because of the CTRL-C and CTRL-V for their bitcoin address. It must be user aware (
Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses). In addition, you should not store large amount of asset as a substitute to avoid thing that are not desirable.