I found this as a Facebook post under "today a previous year" or whatever it is called. As my opinion on this hasn't changed, and it still is a problem, I figured I should publish the text here instead of having it locked in on Facebook.
In my first article regarding increasing online security for normal people, I covered LastPass. Then in my second article I covered how to use a hardware dongle for Two Factor Authentication (2FA). I also use Google Authenticator for 2FA, which is an app that generates time sensitive security codes.