Yes, I know it's late 2016, but since a friend of mine recently got hacked and someone else got scammed by one of those "Microsoft" calls, I may as well share two pieces of advice.
First, use a Password Manager. I love LastPass. If you have multiple devices (and you do), the $12 per year option may be worth it.
This way, you can have crazy passwords that no one else can guess for every account AND not have to remember them.
Second...and absolutely critical is enable 2-factor authentication on every account where you can.
You can do this on Google, Dropbox, Evernote, and many more (including LastPass!).
I have it on 16 accounts.
EVEN if someone does get your crazy password...they would also need your phone.
The BEST app for this is Authy.
You can have that on multiple devices and it's really reliable.
There are a ton of bad people out there who want to steal your info. These 2 steps can't guarantee anything, but they are really easy and make a HUGE impact in increasing your security.