In reply to Ridge:
Generally speaking, people are more at risk from reused passwords than SMS hijacking. So turn on two factor auth every where you can, regardless of it uses sms or not.
You can only remember so many passwords, and if you can remember them, they are probably not that random. Use a password manager and make all of your passwords at least 16 characters and random. Use something like the google authenticator app on anything that will accept it. For example: paypal, gmail, amazon and your password manager.
Your email account is a high priority target, as many sites will send a password reset link to your email account.
Not that it would apply to anyone here, but don't use your machine to visit dubious sites. If you feel the need to visit 'one handed' web sites, then you can run a 'dirty' (no pun) machine as a virtual machine. What that means is that you can run windows, within windows. Check out Virtual box or Vmware. That way, your VM can get infected, and it wont compromise your main machine.
And take backups. Frequently. In multiple ways. Have a physical disk you plugin, backup, then remove. Having it not connected all the time is important. Also some places will give you free cloud disk space. For example you can store photos amazon for free, if you have prime.
You're running an antivirus, right?
Post edited at 17:35