Multi-factor authentication (aka “two-factor,” or “two-step,” or 2FA) is a really great way to protect yourself (and anyone you’ve ever emailed). There are excellent and detailed guides out there, but the sheer amount of information about how to do things properly can be daunting for someone who has other important things to get done. I’m not saying don’t read all the nuanced details about security, just don’t put off setting it up right now if it seems too complicated.
If you do nothing else to protect your privacy, do this. (If you do two things, start using a password manager.)