Here is some advice on simple cyber hygiene practices to protect yourself online. You really don't have to take extreme steps to bulletproof your online accounts because if a persistent and determined cyber criminals decided to target you (i.e., spear phishing), there is very little you can do to stop them especially if you are a high value target. Luckily most of us don't fall into that category unless you are dumb enough to divulge your personal info by posting on social media that makes you a target. However, with a bit of effort on your part, you can make it slightly harder for cybercriminals to scam you so they will move on to easy targets.
"You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you."
Trust me, there are still stupid people out there who use "123456" as password (BTW: "123456" is one of the top 10 passwords in 2022 including "password") feeding this fast growing $8 trillion cybercrime business.
Now, how do you make it "slightly harder"? The answer is, as you may have heard many times, don't just rely on user/password alone even if you have a strong password like "~ti0ah5%#W". Though a strong password is the first step in making it harder, it does not always protect you in all cases as there are ways criminals find a way to gain access to your stuff. So, ensure that you enable 2FA (two factor authentication) wherever it is offered. If multiple methods are provided for 2FA like SMS & authenticator, choose the latter as SMS based 2FA is a false sense of security though it is better than just user/password.