The answer to the question is YES you do need a strong e-mail password and pausing to reflect for a few minutes will allow you to realise why. Whether you realise it or not your e-mail account is now the common link between almost everything you do online and also a great source of information to allow a cyber criminal to guess or answer your security questions. By sifting through your e-mails he can gain an insight into where you bank, who you have a credit card with, who you shop with, your Pet's and Children's names etc.
At this point he already has your e-mail address and password and the first thing he will try is to use those credentials on all the regular sites like e-bay, Paypal and anywhere he can see that you like to shop. Given that many sites use your e-mail address as the username he is already half way there so the next important thing to remember is never use the same password that you use for your e-mail on any other account. If you do and somebody gets into your e-mail they are automatically into everywhere else where your e-mail address is the username.
If you haven't used the same password elsewhere that is good but the key thing to remember next is that banks and other organisations use your e-mail address for the password reset function on their websites. Therefore if he can ascertain where you bank he can click the Forgotten Password link and get a password reset e-mail sent to the e-mail account he already has access to. He then resets the password and he is into your Bank account.
The final thing to remember is that once he is in he will automatically reset your e-mail password. The first thing that you will probably notice is that you have been locked out of your e-mail account, you will spot this before any other criminal activity takes place. It is therefore important to make sure you have a password recovery option set, either using your mobile phone or another e-mail address. If not it's going to be difficult for you to get back in. However, rather than go through this worry please set a strong password to begin with and ideally turn on two factor authentication where you use another device like your mobile phone to verify your access to your e-mail account.
There are many good articles on setting a secure password but I will just say avoid the obvious. Pet's names, partner's names, children's names must all be avoided as must Password1 and even Pa55w0rd. All of those will be defeated within seconds as will any word that's in the dictionary. It's best to join together two or three random words and throw in a few capital letters and a special character.
