The only solution that has been reliable is to use multiple signatures from keys stored on different devices
Hardware wallets have also been reliable, even without multisig. What clearly doesn't work is storing secrets on general purpose devices, and it gets worse as you add more and more complex general-purpose layers, with web applications more or less at the apex of this house of cards.