I was wondering if anybody gets to sniff my wifi and finally finds my pass, so he is able to listen to my encrypted traffic and fully decrypt it (websites without https)!
That is far worse than just using my bandwidth!!
What do you think?
What else the attacker can get?

Well... If an offender plays his cards right and you aren't careful enough he/she can get ALL your traffic in plain-text. Including ssl [https]. It's not that difficult. That also includes your vpn connections. That means you're 100% pwnd. Applying a couple of known CVEs would get offender into your computer's shell. All data, all commands - he can do all he wants. Like infect your pc/lappy with a worm/backdoor using simple scriprs so that antivirus would not treat it as a virus. Infect all media mounted on your pc from that moment on. Through that mefia infect your friends. You name it.... If you click a single button you shouldn't click - you can be completely pwned.

@netikras omg!
Which security methods can i apply?
Can't they be bypassed?

Wpa2 with strong passphrase. The more random chars - the better. The longer - the better.

If you fail at wpa part, your network can be corrupted. If that happens - always know what you're doing on the web. Only click on links you know. Always have latest security updates installed. Never use default passwords or passwords found in tutorials. Do not run applications yo do not need. Keep your router in such a spot so that you can still cover your home but the signal is as weak as possible outside your house/apt.

There's also some more advanced stuff one can do but let's not get into that.

Pretty much all security measures can be bypassed... Welll.. Almost all 😀 you can:t hack a device that is powered off or cut off the network 😁

your step #1 should be strong passphrases everywhere. Wpa2, router, pc user, all network-consuming applications.

#2 - do not click on libks you don't know
#3 - if browser says your connection is insecure better leave it that way - don't do 'advanced->continue anyway'.