LOL! password managers and strong passwords are not the savior you think they are.
If your passwords are stolen through malware when you are typing them, which doesn't involve brute force or quality of passwords, also called phishing, then one is still toast. If you have a sim swapping event in combo, you are toast with 2FA.
If you think everything is fine, and someone uses your Microsoft Windows 365 password, they have access to all your password backup files. Nothing will save you if your passwords are stolen and someone wants to get into your accounts. If they find you have 2FA, then most likely they will move on to the next account. If they find out you have a lot of money, such as banking apps on your phone or stolen USPS mail, they will find a way to sim swap your phone by corrupting a phone company employee, kgb style.
What does
help is:
1) always use InPrivate or Incognito modes in browsers when accessing sensitive accounts.
2) Use a hard key instead of a software password:
Options include:
hardware key fob mfa device - Google Search
Impossible to beat a hard key with software, but have a backup hidden somewhere just in case. .
3) Never re-use passwords for sensitive sites.
4) Never have sensitive apps with saved passwords on your phone, especially banking apps where apple store employees can see your account balances, numbers and location.
5) Use the strongest malware protection on your computing devices which you can buy
good luck. . .
former IT / finance guy