I actually use a YubiKey (WebAuth)for my password manager. But I also have my OTPs in Aegis that’s locally backed up.
Aegis with the password in a YubiKey.
My password manager and I don’t know the password.
I use VeraCrypt over Bitdefender since it doesn’t rely on the TPM.
I don’t have high value items on my laptop, but at least it protects my password manager and credentials.
Is there anything else I should do to harden my laptop?
It’s good enough.
I’m running wired routers with their wifi systems. I have a lot of control over my network.
I actually use a YubiKey (WebAuth)for my password manager. But I also have my OTPs in Aegis that’s locally backed up.