You've probably got it covered at this point, but FWIW my take on personal data security is this:
- As Ethan said, use a password manager so that it's easy to generate random passwords and keep them secure with a master password that never gets transmitted anywhere.
- Never re-use a password ever.
- If you use an email address to login to important services like banks etc, then consider never sharing that address with anyone else, and use another address entirely for less critical and more public sites. At this point I have around eight legitimate email addresses that I use, and the important ones are known to very few people.
- One of the easiest ways for you to be targeted is for one of the people you've handed out your email address to, to be targeted and so you're reached through their lax security. Obviously you can't stop having friends, but do assess their computer skills critically and only give them one of your less critical email addresses if you think they might get you in to trouble later.
- Never login to hotmail/outlook without using https:// at the start of your url. Make sure any other mail clients you use use SSL where possible.
- Public wifi hotspots while useful are something to avoid in general. Anyone can sit with their laptop in a cafe (set up as a wifi hotspot) and set it's name to "bob's cafe wifi" etc, and then wait for unsuspecting users to login in to that network thinking it's the store supplied one (people generally think nothing of it when they see duplicate wifi network names in the list). The people that do that will forward your data to the actual local wifi so you won't notice the middle-man, but that person will be storing all of the data that travels through their laptop for inspection at their own leisure.
- If you must use public wifi, then don't logon to anything critical using it or browse any websites that would give away too much about yourself and your habits.
There's probably more, but that's all I can think of right now.
Kaz