Using a password manager and 2FA is just the tip of the iceberg.
Check out this great list from @firstname.lastname@example.org and make sure to tick all TODOs. It will take some time but it's worth. The future is not getting more secure if you don't take ownership. https://securitycheckli.st