There are a variety of strategies for protecting your important online credentials. We often hear about password managers and generators, but for me, the more important strategy is using two-factor authentication (2FA). Passwords can be guessed, phone numbers can be spoofed, but using two-factor authentication essentially requires that user be in possession of a physical device with an app like
![Two-Factor Authentication with Node.js](https://cdn-ak-scissors.b.st-hatena.com/image/square/7ebc8c52aaea71ee81b461bc76a54b08bcb1750c/height=288;version=1;width=512/https%3A%2F%2Fdavidwalsh.name%2Fdemo%2F2fa-google-auth-logo.png)