The following are common methods to make hacking personal online accounts more difficult.
Usernames should never have names or personal identifying information that can be linked to other accounts, home, age, otherwise used to provide for hacking opportunities. Should be random characters.
Email addresses, again should not have any personal identifying information. An email dedicated to only communicate with one financial institution. Not ever used for anything other than account security and recovery.
Usernames 16 random characters, so it won’t show up in any hackers database from scraping the internet.
Passwords 32 random characters, so a computer running brute force hacking would take a 1000 years to try all unique combinations. jAll accounts should have random characters at least 16 characters long, and hand written in a secured log book.
Never use software, VPN, computer directory, or any other digital means to store usernames and passwords. Any digital media can be hacked. Claims otherwise are fraudulent. A software engineer within the company can always provide means for customer information to be exposed.
Windows Defender as a malware software. Malware defense software often breakdown and expose client information. They also lock computer systems and make them run slow. Be very careful about well-known malware defense companies. Choose carefully.
A cell phone used only for financial communications. Not ever accessing any other online websites. Many apps have security holes that allow hackers to gain access to phone resources.
Websites, usernames, passwords, recovery information… all hand written in 2 journals and kept in 2 secure locations: a hidden home locked and anchored safe, and a bank vault.
Home wifi password 16 random characters with a 5 try lockout for 15 minutes. This means for hackers, 1000 years to try every random combination.
Financial Institutions diverting all login activity to a fraud processing system where random activity is recurrent. Raking up hackers and putting them to productive work to dismantle corruption globally. (wouldn’t that be nice)
Don’t broadcast your home SSID.
Call your cell phone provider and set up a random character password, required to allow access to anything in your account. Anyone can call and use identity theft to order a SIM card, and then hackers have control over your Google Authenticator.
I’m sure there are other methods to hack Crypto Exchange access to accounts, and would like to hear how to lock those methods out. But Crypto Exchanges seem to intentionally allow for weak login, as far as I can see.