Ask Paul: December 29 (Premium)

Happy Friday, and welcome to the ultimate installment of Ask Paul of 2023! Let's kick off the New Year a bit early with some great reader questions.

Bitwarden
jrzoomer asks:
Paul, glad to hear you use Bitwarden as your password manager and I've adopted the same for my own use. I had a couple of follow-up questions on it.
I've started an article I hope to publish soon explaining how to properly configure Bitwarden on PC and mobile, mostly because it's too easy to continue using the passwords from your browser even if you've disabled auto-fill, but also because I noticed I have this thing configured differently on different PCs, and it's really hard to make it work consistently. (Or maybe this is just me.) This is probably my biggest gripe with Bitwarden. That and its reliance on a master password. That's a single point of failure right there unless I'm missing something.
Anyway... These questions kind of skirt around the edge of what I'm documenting and maybe will make for useful inclusions there. My
Do you also use the other features available besides passwords, like storing secure notes, or storing documents (like copies of passports, etc.) or do you the cloud like Google Drive?
The only other thing I use it for right now is to store credit cards, which is really just another auto-fill feature, really, and I do like the "copy security code" feature for that. Right now, I'm still using the Personal Vault feature in OneDrive for some secure document storage (things like passport photos, legal document scans, etc.), but part of my wife and I's to-do list includes consolidating that stuff and figuring out where it belongs. I will eventually write that up as part of a digital decluttering series article, I bet.
Besides passwords, do you use 2FA or do you feel that the strong secure password is enough? And if you use 2FA do you use it for every single site that has that feature, or only a few important ones?
I use 2FA everywhere I can. Passwords are never enough.
(Semi-related, I just added a chapter to the Windows 11 Field Guide called Secure Your Microsoft Account that is specifically about enabling 2FA, or two-step verification, on that account type, and the article Tip: Properly Secure Your Microsoft Account came out of the work I did for that. There's a coming chapter about passkeys and security keys that led me to write The Secret Lives of Passkeys (Premium), but I will likely write up a tip about using passkeys in Windows 11 as well.)
Also would like to know, since you set up so many devices, what method you've settled on to store the QR codes for the 2FA time-based token, so that you can access them when getting a new device?
To me, the hardest part about switching phones to date has been switching over all of the account security code generators in my authenticator app. And because I switch phones multiple times each year---granted, not a common problem for most---this is even more painful. So this past year, I switched to...