I use a yubikey with a static password set in slot 2. There’s a shorter mental password I add to the static password. Those combined mean my master password to my password manager is something I know and something I have.
The experience is pretty good except for discoverability of new communities. My Subscribed and All feeds are the same. I started with the official local development docker-compose file and massaged it into place for my setup.
I run my own single user instance, and it was down as well. Not sure why someone would target a single user instance. Not ruling it out, but it seems unlikely.
I use a combination of Heimdall and Authelia to list all my services and control access to internal resources. Authelia is great because it lets you put authentication in front of applications that don’t have a login, including 2FA options.
Another solution might be setting up Syncthing on all your computers. It would present as a folder on the local systems and anything put in there would be synced to the other systems. No logins required.