It seems like most businesses are going to multi-factor authentication now, whether you want it or not.
Unplugging your machine every night might help.
Some will let you ‘trust this computer’ but I would only do that with a desktop, never with a laptop that would leave the house.
And I’d never put a banking type app on my phone. That’s generally going to put access + your multifactor in a single place that you could easily lose control of.
93% of breaches occur due to successful phishing campaigns. 99% of those campaigns are unsuccessful if MFA is enabled. Think about that. Why would you want to leave your online protection to a single factor? With phishing-resistant MFA such as FIDO2 keys (YubiKeys) and authenticator apps, it’s impossible for adversaries to bypass those protections without your knowledge and actual involvement. Your mentality should be that you should be confronting any agency that DOES NOT offer MFA, because they’re putting your safety at risk.