You can keep your Mastodon account extra safe by using Two Factor Authentication (2FA).
To activate this, log in through your server's website and go to
It is slightly tricky to set up, but once it's been set up it's very easy to use.
2FA means that even if someone finds out your password they cannot log in. With 2FA activated, your phone will give you a new code each time you log in to allow your password to work.
P.S. There are LOTS of apps that work with 2FA on Mastodon, such as Raivo, Aegis and many others. (They are technically known as "TOTP apps" or "authenticators".)
Maybe people can recommend good 2FA apps in the replies?
@feditips I have had enormous success with YubiKey. I am not affiliated with them in any way.
They offer FIDO U2F compliant keys with a lot of features. My primary keys are 5C NFC and work with my iPhone and MacBook. The greatness of what YubiKey created is that the key itself is where the info is stored, not the app like Google/MS. Using my pw-manager (Bitwarden) to store the QR codes allows me to recreate a key if I lose mine, or create a backup key. https://www.yubico.com/