Use secure webmail services that use encryption by default, e.g. https://protonmail.com, https://www.hushmail.com, https://tutanota.com, https://www.mailpile.is, https://scryptmail.com
Build and use your own physical server, store it in the secure physical location, use SMTP/IMAP over TLS only, use full disk encryption
Two-step Authentication
Practically eliminates brute force enumeration of your login/password
Special SMS token is sent during the first authentication or special application is used for the authentication (e.g. Google Authenticator)
Of course, it useless if your both computer and smartphone are compromised at the one time.
Set strong & unique passphrase
Avoid to use any dictionary passwords (wordlists for all world languages are publicly available)
Avoid to use any dictionary passwords with number or letter prefixes or suffixes
Use passphrases (more words at once) instead of passwords
Do not use the same password/passphrase on multiple services
Use Mail Encryption
Despite the fact true hackers probably do not use PGP and S/MIMEs (because of many issues, e.g. absence of Forward Secrecy), it can help you a lot
If you use GMAIL, start with https://www.mailvelope.com/
Use Thunderbird with Enigmail PGP plugin
For Android there is APG and PGP KeyRing implementation
You can use K9Mail, Kaiten Mail, K-@ with APG (still PGP/MIME support is missing) or Squeaky Mail with PGP KeyRing (with PGP/MIME support)
For S/MIME there are CipherMail or MailDroid
My favorite mail client candidate is R2Mail2 with great PGP and S/MIME support at once (but it is not an opensource)
Use Secure Webmails
Most free mail services including Gmail do not offer any kind of encryption (of emails or used storage)
They may provide all your emails to the government agents in case of court order
Probably the best countries for secure emails:
Switzerland
Iceland and other Scandinavian countries
Protonmail.com, Hushmail.com, Tutanota.com, MailPile.is, Safe-mail.net, SCRYPTmail.com, use different approach to maintain security
Prefer anonymity?
Always use Tor or i2P browser accessing to your Webmail service
Known Tor hidden Webmail services - Lelantos, Sigaint (be prepared for police raids ... )
Also see http://www.emailquestions.com/encrypted-email-service-providers
New interesting approaches worth to check:
BitMessage https://bitmessage.ch/
Mute http://mute.berlin/
If you are an activist, check https://mail.riseup.net/
Build your own secure mailserver
Use your own physical server located in the secure physical location
Use full disk encryption
Use SMTP/IMAP over TLS
Use strong passphrases / two-factor authentication
Use PGP / S-MIME certificates
Secure server management using TLS client certificates
We can help you with that (www.chrantesvojesukromie.sk, www.chrantesvesoukromi.cz)