I heard that many peoples are complained that their myether wallet has been hacked.they used directoly keystore file or private key to log to MEW. These ways are not a recommend ways i saw two good recommend options to log MEW
1Using metamasak wallet
2 Using a hardware wallet like trezor or nano ledger

So my question is what is the best solution to protect my erc20 using a metamask? or using a hardware wallet ? Or any other option
[/the best option is to store your crypto in hardware wallet like one key classic but why only one key because first of all its been backed up by coinbase and its also opensourced unlike trezor oe ledger and you can check out for for more info ]