Interesting story from Wired. What can we all learn from it: 2FA is only as strong as you original method, practicing good password hygiene is the only way to protect your account. Even if it is personal, change your passwords often at least 90 days, use software to keep track of all passwords and creation dates and never rely solely on 2FA even if it is physical key. https://www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/