With identity thieves committing fraud to the tune of $37 billion in 2010, it almost feels inevitable that you'll eventually join the 7% of Americans victimized annually.

Maybe so. But that doesn't mean you have to hand criminals the keys to the castle.

In fact, just about 20 minutes worth of work will make any potential identity thieves think twice about stealing from you. These five simple, doable tips show you how it's done:

What You Should Do: Toughen Up Your Passwords.

Why Thieves Hate It: The average person uses the same password and email log-in over and over again, which 'creates tremendous vulnerabilities for people,' says Will Marling, Ph.D., executive director of the National Organization for Victim Assistance, in Washington, D.C., and a certified identity theft risk management specialist.

A hacker who gets his hands on your email and password from a low-security website can use the combo on financial or shopping sites till -- bingo! -- they stumble on an account. To lock down your log-in, skip dictionary words, choose long combos that alternate letters and numbers, and never use the same password twice. Convenient? Not really. But it's much safer.

[InvestingAnswers Feature: 5 Frightening Facts About ID Theft]

What You Should Do: Tighten Up Facebook.

Why Thieves Hate It: When it comes to social media security, you're probably your own worst enemy. According to a recent Consumer Reports study, only 37% of Facebook users have adjusted the program's settings to keep personal info private.

A study from the Identity Theft Resource Center found that the majority of Facebook users post data that can hand an identity thief everything he needs to impersonate you: full name, maiden name, date of birth, current city, hometown, high school, employer, names of family members. If you're not ready to quit Facebook altogether the way Marling has, at least remove the most personal info.

What You Should Do: Set Up Online Access to Your Banking Account.

Why Thieves Hate It: Wait a minute -- isn't online banking dangerous? Well, there's always a risk for hacking, but sitting on the sidelines can be even riskier. That's because it's easier for a clever thief to create an online account for you than to break into your existing account.

'If they can get enough of your information, your account number and so on,' says Marling, 'they can set it up with their password and security questions' -- and basically take over access to your account. Setting it up yourself, with smart passwords, keeps you safer.

What You Should Do: Rename Digital Files.

Why Thieves Hate It: Thieves don't want to have to work that hard. If an identity thief gets access to your computer -- and programs such as peer-to-peer file sharing can open up your laptop like a book -- he'll search by title for important files to steal. The harder you can make it for him to find important stuff at a glance, the safer you'll be.

Marling's recommendation: Keep important financial documents on a flash drive, not your hard drive.

'And if you have to have [files] on there, why does it have to say 'Tax Return 2011'?' says Marling. 'To a thief, that's gold.' By creating a more cryptic file-naming system, you'll up the chance that a hacker may not find what he's looking for.

What You Should Do: Ask Why.

Why Thieves Hate It: Not all identity theft is high-tech -- one reason you should think twice about scribbling Social Security numbers and other personal data on school and medical paperwork. When a hotel clerk wanted to make a color copy of his driver's license, Marling asked what would happen to it. The clerk pointed to a plastic box on the check-in counter. 'Anyone could walk in and grab that!' Marling complains.

Asking questions such as 'Why do you need this? What are you going to do with it? What will you do with it when you're done?' helps you make informed choices about where your information ends up.

The Investing Answer: A few 10-minute changes, such as tightening your password protection, holding the reins to your online banking, keeping Facebook more faceless, renaming digital files, and asking why before you hand out private data, can put a damper on identity thieves' big business.