Many people underestimate how easily their personal information can end up on the dark web, especially when using the same password across multiple platforms.
I agree with your advice on enabling Google Authenticator (2FA) and using separate emails and phone numbers for sensitive accounts. I’d also add that people should regularly check for data breaches on trusted platforms and never click suspicious links that could lead to phishing attempts.