I get the sentiment about what if's, but when you invest so much into a system, you like to ensure you're doing your best to maintain a positive security posture, at a minimal cost (time, effort). Would you be against the idea of 2FA? I can't remember if things like my Ledger waller uses 2FA for extra protection. I really need to dig that out sometime.