I like to invest money online. I invest in both cryptocurrencies as well as regular stocks. As my bankroll grows (let’s say 20k+ in the near future), I feel like I need to start taking more serious security measures.
My idea is to buy a cheap smartphone (~100$ ), and use this as a dedicated device. I either directly go to the website of whatever online broker I use. Or I download their app. I create a dedicated gmail address for these accounts, and I only access this gmail account on the dedicated phone. And I set up 2FA, which again, is located on the device. I do not use this device for anything else: no browsing, downloading, etc.
I do not take this phone outside of my house. And I do not connect with it to a Wi-Fi connection which is not under my control. I generally keep the device in airplane mode. And I never use Bluetooth.
For convenience I consider using a popular password manager.
Finally, I split up my bankroll over several online brokers. And I use different (difficult to brute force) passwords, for each account.
Is this safe? Am I overseeing something obvious? What are potential weaknesses/improvements?