In addition to Tom’s suggestions, I strongly suggest that everyone who is concerned about their online security take the time to set up 2-step authentication in their Google accounts. This short 3:28 video explains pretty well how it works and how to set it up, but the gist of it is that after setting it up, to log into your Google account you’ll need both your password and a numeric code you’ll receive on your mobile phone (either by text message, voice call, or using the Google Authenticator app available for Android, Blackberry, and iOS). That way, even if someone manages to get ahold of your password, they still won’t be able to do anything with it because they’ll also need to be in possession of your phone. You can also set up a backup phone, like a landline, and print out backup codes to keep in a safe place in case you lose your phone or it gets stolen, so you don’t get entirely locked out.
This may sound like a huge pain in the ass, but trust me, it’s not that bad, and it’s worth it. It’s certainly better than having your online life obliterated.