Your online accounts are important as you do not want to be locked out of your email accounts.
If that online account is used for password recovery for your other accounts, and you are compromised then someone could get access to those email accounts as well.
There are 3 basic steps you should make sure you have done to protect your email account:
- Have a secondary email address for recovery.
- Have a phone number for password recovery.
- Ensure you have activated 2 Factor Authentication.
2 Factor Authentication is the most important thing to do to protect your account.
If someone did guess your password, they will still need the code from say Google / Microsoft / Apple etc that they will send you when you have activated 2 factor authentication to access your account.