This goes for more than just exchanges. You should secure your bank accounts, e-mail accounts, and store accounts with 2FA if possible. Makes it MUCH harder for a criminal to get into your accounts. The Google Authenticator will work with most time based 2FA providers. The most notable exception is paypal. To use a real 2FA token with it and not an SMS messages (which is still considerably better than no 2FA) you have to use the Symantec VIP app and follow some third party instructions.whatever you do with online wallets or exchanges setup two-factor authentication. They claim using a google authenticator app on your phone is much safer than a "text me a pin" setups. This is a rotating set of keys that you setup on your phone that links with the website so only your phone and their website knows what key is active at a specific time. That way no one can spoof your phone number and get your PINs. They'd have to physically have your phone I guess.
In short, turn on two factor authentication and use a good pass phrase = greatly reduced chance a criminal will gain access to your accounts.