The private key is actually access to coins. If you forget your wallet login password, your phone is stolen, or your computer crashes, you can always access coins from the container using the private key. Therefore, a very basic rule - do not write the private key anywhere on the computer (not in the cloud, such as Google Drive or by emailing it). Before depositing digital coins, it is recommended to create at least two backups of the private key on paper, in case they are found by a stranger. Please note that the order in which the words are written must be maintained.
Most wallets allow you to set an entry password. You must choose a strong password, but remember that there is no way to restore it (most of the wallets do not have the "Forgot Password" option).
Phishing: The phenomenon of phishing is very common in the field of cryptographic currencies. The hacker creates a dummy site, exactly the same as the original site, displays it in ads funded by Google search, and innocent victims provide the fake site with access to the wallet. Be sure to enter only the organic results of Google (and not the sponsored ads) and keep the wallet site in "Favorites".
Securing your computer or smartphone: Be overly careful not to open files from an unknown source. These files may install malicious software.