Ben has an issue with 2-factor authentication. Leo says that text message 2-factor authentication isn't safe anymore because "sim jacking" can occur, by bad guys figuring out what your cellphone number is, and then using social engineering to get them to reassign that number to a new SIM. Once they do that, they have control of the mobile device and can control even 2-factor authentication. That's why Leo supports using an authenticator. He uses a hardware-based model called Authy.
Mike needs a good password manager that can also serve as a VPN. Is there any? Leo says he doesn't think that there is one, but that is a great idea. Leo recommends LastPass or 1Password for a good password vault. As for VPNs, there are a lot of options out there, but beware of free VPNs, because to make money, they sell their traffic. So it really isn't all that secure. Leo recommends ExpressVPN. There's also the Tiny Hardware Firewall.