Don't use the same security questions across different sites.
Following the same principle, if one site you use is compromised in a data breach, hackers might gain access to the security question and answer you set up in order to reset your password. If you use the same question across sites, it's incredibly easy for hackers to subsequently reset your password on every one of your accounts.
Use bogus information for security questions to throw hackers off.
Password-reset questions typically ask for personal information like your mother's maiden name or the street you grew up on. Rather than answering truthfully, use false information or an inside joke that hackers wouldn't be able to guess. This tactic may seem counterintuitive, but it can be effective, according to Heid.
Start using a password manager.
"I always recommend using a password manager solution like KeePass or something like that to handle all the different passwords," Heid said.
Password managers can generate long, difficult-to-guess passwords and automatically save them across websites, making it easy to keep your passwords diverse and hard to crack.
Don't leave a public trail of personal information via social media.
Be mindful of information that hackers could glean from your public social media accounts — especially if you're using that information for a password reset question.
"Pets' names, kids' birthdays, spots you went to for your honeymoon, all of those are common password reset answers that can be obtained from social media. Even stuff like the street you grew up on, that can be found in public records," Heid said.
Use multifactor authentication whenever possible.
One of the most surefire ways to thwart hackers is to use multifactor authentication, or logins that verify your identity by sending an SMS code or an app notification to your phone.
"It's an easy way for people to make sure they aren't easy targets," Heid said.