Always activate two-step-authentication when it is available
We are living in a modern world where it is no longer enough to think you have a strong password as it only takes 1 bad website to crack it. Either by spoofing the real website or by social engineering you when unaware. Another place it comes in handy is when livestreaming as people would still need access to your phone or email to actually login in case you spoil the password live.
Another way to secure yourself is by having variations of the same password to differentiate different websites logically. This makes it harder for hackers to gain access to multiple platforms as then need to guess your variation first. This can also be done by downloading a password plugin for your browser to generate randomized strong passwords - just make sure you have a way of recovering your account if the plugin fails you.
Two-Step-Authentication can be done in various ways. The most practiced way is receiving an email when someone is logging in and to ask for you to verify that it is you with a password to enter. Another way is receiving a notification and approving the login through an APP like Authy - which is also the two-step used by Twitch when enabling two-step-authentication on your account.
Some of these services allow for you to receive an SMS if you are unable to reach the app or email from your phone or position for some reason. Anything that tells about your account activity and/or confirms your login attempts will be a great security feature as long as you do not lose access.
Double-up on securing the verification source
The downside of using authenticators is the hassle of changing phone, number or email as most systems require you to deactivate the authenticator and then re-activate it with the new source with a penalty time to make sure of the changes. It is especially annoying if you lose access to your authenticator as you will be completely shut out of all systems requiring its approval and going through a support ticket can be a nightmare.
If you are using your email as authenticator then make sure you secure that email with stronger passwords and add recovery methods to make sure someone else is unable to completely block you out by gaining access. If you are on the other side using a service that sends SMS' then make sure not to lose that number unless you are completely aware of how to transfer the authenticator first.