Thanks, Asi.
Some more tips:
1. Do not use the same password for everything. Especially, do not use the same password for an e-mail account and anything else that is linked to that e-mail (forums, Facebook, AIM, MSN, etc.).
2. If you have registered somewhere with an e-mail you no longer use, update your profile and change your e-mail for one you're currently using. Otherwise someone may register your old e-mail and gain access to your account.
3. Never use two firewalls or two anti-virus programs at the same time. They can interfere with each other and make your system more vulnerable.
4. Never click on unknown links nor open unknown e-mail attachments, even if a friend is sending them to you. Their e-mail may be compromised. If someone you know sends you a mysterious file or link, ask them what it is before you open it, and make sure you get an answer from that person and not from a machine (it's usually easy to tell, machines tend to say vague things like "it's cool, just try it out" and never give a real explanation).
5. Your e-mail provider will never ask you to e-mail them your password, nor will the authorities of any message board or social network. If you get a message asking for your password, it's a scam. Asi has already said it, but it can't be emphasized too much. NEVER give your password to anyone.
6. Don't store all your passwords on a plain text file, let alone on an online server. Try to use passwords you can remember (it defeats the purpose of having a good password if a hacker can find it more easily than you can recall it). Not a dictionary word nor anything that anyone can associate with you, but something you can recall - for example using a mnemonic rule. If you're not going to use that password frequently and need some kind of reminder for the next time you use it, write something that will help you remember but will be meaningless to anyone else who finds it.