Best practice if you're not trading your stake is to transfer it back to wallets you own. In the case of Steem, this means simply sending it back to your account name. If you're more technical, you can put your stake into "cold storage", which means you send it to keys that have never been on a machine that was connected to the internet.
I think it's really important to use 2FA with your Steemit account ... the way I handle this is I keep my Steemit password in a password manager (LastPass) and then protect that with Duo for 2FA. That way if I somehow have my password stolen, they still would need to steal my phone as well to get into my account. I wrote a guide about setting that up here: https://steemit.com/steemit/@robrigo/security-how-to-how-anyone-can-avoid-losing-access-to-their-steemit-account-with-lastpass-and-duo
Thank you very much for this information. It is very helpful to me!! :)