Another caveat, if you don’t do this already, you should enable multi-factor authentication on all your accounts, or at least the most important ones (email, banking, social media). This directory is a great resource that teaches you how to enable multi-factor authentication on more than 1,000 websites. (Note that you don’t have to use the multi-factor app promoted on that site, there are plenty of other alternatives.)
Increasingly some online services offer the use of a physical security key or a passkey stored in your password manager, which is one of the highest safeguards to prevent account intrusions that rely on password-stealing malware or phishing.