Securing your online accounts is vitally important. The consequences of being hacked can be great — someone could lock you out of your email account. If that account is used for password recovery for your other accounts, then a hacker could get access to all of those as well. There are a few basic things that you should make sure you do to protect your email account:
1. Provide a secondary email address for recovery.
2. Provide a phone number for password recovery.
3. Turn on 2 Factor Authentication.
Turning on 2 Factor Authentication is the most important thing to do. Even if someone does guess your password, they will still need the six digit code from Google authenticator on your phone or tablet, and that will stop hackers cold.
If you do end up getting hacked, the first thing to do is create a new email address. Then sign into all of your other online accounts and change the password recovery email address to the one you just created. You should also contact the company's support and have them verify your identity in another way. While recovery questions are rather insecure themselves, if you did set them up, they could help prove your identify as well.
Facebook recently has implemented a new security measure where you can designate three trusted contacts for password recovery. If you forget your password, Facebook will send each friend a code, and you'll need to get all three codes to get back into your account. I recommends reading these three articles on what can happen when your accounts are hacked:
Kevin Roos: I dared two expert hackers to destroy my life. Here's what happened.
Mat Honan: How I Resurrected My Digital Life After an Epic Hacking
What we give away when we log on to a public Wi-Fi network