Social engineering is still the #1 hacker tool and a lot of people give out way too much information about themselves.
For services that require an email address, don’t use your public address. Create an email address that you never give out that is just for cloud services. If you’d like to know who’s selling your address you can create a new one for every site and service. If you start getting spam at email@example.com then you know Dropbox has some ‘splaning to do. I have a domain name that I just use for throwaway email addresses. They’re all delivered to one inbox so making a new one is easy to do on the fly.
Also, for those security questions don’t use the real answers. When it asks what street you grew up on don’t use the street you grew up on. Make up something else, even random characters, and write it down so you don’t forget. (Not on the post it stuck to your monitor, please. Put it in a text file on your encrypted drive.)
You are using whole disk encryption, right?