Thanks for bumping this thread! Now that 3 years have passed, a few things have changed. People are way more concerned by privacy/security due to Snowden's declaration. And it's a huge step forward into security.

There are more and more auto-encrypted services, meant for the lambda end-user, like telegram, tor, alpine mails, tox, ... Encryption have never been so easy to use, you don't even need to know what PGP, RSA or AES is to have your messages encrypted, and feel secure.
More and more services are now using the two-factor authentification too, which is way harder to break then the single old login/password auth system.

But based on a few articles I've read recently, i think the biggest problem is not to secure ourselves. The problem lies in the fact that all your data is exposed to the world, and social engineering makes it fairly easy to break. The days where hackers used to brute force passwords or keys is now gone, and any encrypted data can now be considered "safe" (as long as you're not giving your private keys everywhere...). But as long as there will be data available online, there will always be people to hack their way to it, using social engineering, or lying to your service providers to request a new access. Your personnal/sensitive data should remain personnal or encrypted, and in this case, your private keys should not be available anywhere online.

tl;dr if you don't want to see your data stolen, do not expose it. And never trust anyone, not even you.

Edit: a few links
http://www.thoughtcrime.org/blog/gpg-and-me/
http://swiftonsecurity.tumblr.com/post/9...ut-jessica
http://www.theverge.com/a/anatomy-of-a-hack
https://dirk.to/blog/2015/03/05/internet...urity.html