To avoid major pains with hacked user accounts, ensure you do the following:
A. use a password manager to create ‘memorable’ passwords, e.g. a sequence of words, some upper and some lower case, separated by hashtags and with all letter ‘E’ changed to 3… could have an entropy of 110bits, typically anything above 50 is safe as long as it does not appear on any leaked password list.
B. never reuse passwords, i.e. create unique passwords for every website and login;
C. use a password manager, our favourite is 1password;
D. change your passwords at least once per year;
E. enable 2 factor authentication (2FA), if you do not trust Google with your 2FA a great alternative is the Authenticator app by 2Stable