Do you use the same password across different sites? Have you ever received an email from yourself (somehow), where a hacker tries tries to extort money? Here are some ways to improve your online security.
Do not use the same password across websites
Use a unique password for each site you log into. This greatly decreases your chances of being hacked.
But my one password is super strong
Yes, it may be, but your password strength was never the issue. Obviously you should use a strong password, but if you use a single password, when one website gets hacked, "all" of your passwords are leaked. It's like putting all your eggs in one basket.
Okay, but how do I remember all these passwords?
You don't. Use a password manager.
If you use only iOS, Mac, and Safari, use Apple's password manager, iCloud Keychain. Read more about it here. It's quite easy to use on your iPhone and Mac. Safari will also automatically suggest (and store) strong passwords when you login.
If you use only Chrome, use Google's password manager.
If you use Firefox, use Firefox Lockwise.
My personal suggestion is Bitwarden. It is free and open-source, has a mobile app, browser extension, and web interface, so I can access my passwords everywhere. I only need to keep one master password, which I have written down and kept in ██ ███ ██████.
If you enable two-factor authentication (2FA), a hacker cannot access your account even if they have your password. They will need your mobile phone or secure tokens to log into your account.
Monitor your accounts
Obviously you cannot do all of this overnight. You may not remember that shady game website you signed up for (with your Google password) back in 2012.
To check for data breaches where your personal data has been leaked, use Firefox Monitor. I also highly recommend signing up for their email alerts so you can be notified as and when the breach is detected.
My email has been breached, what do I do?
Check the compromised data. It will likely include email address and password. If so, change your password.