A few things to add:
1. You need to be particularly careful with Android. There is known malware that can take screenshots of certain app activity, such as opening an app and grabbing your private key or seed. Don’t store large amounts of money on the same phone you just used to download a sketchy app.
2. Same comment for external keyboards. I would not recommend using a random no name, low-cost keyboard purchased on AliBaba.
3. In general, if you are storing an amount you cannot afford to lose, save it with a hardware generated private key (Ledger or Nano). Make sure the device is NEW (not refurbished) and bought on a reputable service. The hardware device never shares the key with your computer, so you are comfortable there.
4. Keep multiple accounts. One or two super secure ones (your savings accounts) that were created with a hardware key and are rarely accessed. It’s easy (and safe) to send money. The attack vectors are when you type or show passwords or keys. Move money routinely from less safe transactional account to safe savings accounts.
5. If using EOS, take advantage of staking as a security mechanism. Sign up for alerts on your account. Keep whatever you can staked. Only use the active key — except if you get an alert that your account has been unstaked and it’s not you. Then you can change the keys and kill the unstaking.
6. The YubiKey / Google hardware 2FA solves a lot of issues, but it does not solve the account creation issue (keylogging / malware) if the computer or phone creating the account has been compromized. Just be aware that high-volume accounts should NOT be created on your active phone or computer. You want to create these on a very clean device that rarely (if ever) touches the Internet.