Get a password manager
Instead of using the same old passwords over and over again, use a password manager to generate and safely store unique and strong passwords for different websites. Having unique, strong passwords helps prevent hackers from using your data that has been breached or stolen from one website to access your accounts on other websites. Check haveibeenpwned.com to see if you've already been breached.
Only takes 10 minutes to set up.
Enable Two-Factor Authentication (2FA)
Instead of using just a password for your important accounts, add a safety net to protect your personal information by enabling 2FA. This adds an extra layer of protection; any potential hacker has to both know your password and have your phone.
Download an authenticator app: try Google Authenticator (Android, iPhone) or Authy (Android , iPhone). Find instructions for enabling 2FA for each account you care about on twofactorauth.org. Always remember to write down recovery (backup) codes or, if using Authy, enable backups.
Approximately 10 minutes per website.
Get a Virtual Private Network (VPN)
Turn on patching (automatic system updates)
Security patches need to be applied regularly to update your system, so that when new viruses, malware and worms are invented you’ve got all of the latest security holes plugged, keeping yourself safe from the hackers.
Follow these instructions for enabling automatic system updates on mac OS. Check back later for Windows instructions.
Install an encrypted messaging app
Using an encrypted messaging app means that only the people you actually send your messages to can read them. It guarantees the privacy of your communication, and the best apps, like Signal, offer some protection for the privacy of your messaging metadata (compared with WhatsApp, which shares your data with Facebook).
Check your tracking settings
You probably don't realise how much information Google, Facebook, and some other organisations have about you. Their business model is to target advertising as narrowly as possible to demographics and specific interests, which relies on tracking your web browsing, searches, and interactions with other people.
Check what data Google has about you using My Activity, then use their Privacy Checkup to walk through the options for enabling or disabling each type of tracking (note: unfortunately, Facebook doesn't offer an equivalent to My Activity, and doesn't let you configure tracking to this level). Try using a tracker blocking browser add-on: AdGuard. You can also try a privacy-respecting search engine like DuckDuckGo.