Heaving a weak password is not as safe as you may think. A simple SQL injection attack or brute force attack can get you a password. It is recommended to use a unique and strong password for your Gmail account.
Using a 2FA authentication provides extra protection to your account. Google apart from your password will also require an OTP sent to you in a message or via Google Authenticator. It is difficult to get the OTP without physical access to the registered personal device.
If a hacker is trying to access your account or trying to reset your password, Gmail sends a recovery password to the registered recovery email address or phone number. Gmail users must add recovery options to secure their account.
It is very important to use a trusted and up-to-date web browser to access your email account. If you don’t use a trusted account, you can fall into the trap of phishing attack. These attacks are crafted to tap your keystrokes and record the password that you may have entered.
One of the most common ways how email accounts get hacked is by spam mails. Many hackers try to access the account by sending malicious emails. If you open such mail, you are likely to end up in a bigger set of problems. It is recommended that you block any such type of mails.