Nowadays people afraid for their security some time we click the different phising site and lost our account. Hacker is more creative now because they create a phishing site like as original site and people visit and lost their asset. So if you want to secure your account set up 2-Step Verification and install Google Authenticator app on your mobile phone.
Actually a phishing site can also capture your 2FA inputs. They can log in with your credentials and your 2FA as you type in real time. First line of defense is to make sure the site you're visiting is real.
This is a very important topic but it's been discussed more than once in the forum. The only let down I have here is that the forum does not support 2fa authenticator
Bitcointalk doesn't need 2FA - no monetary value to steal for the risk of getting caught.