I don't know about you, but I researched to find out what others do to maintain their blog secure, and when I first secured my WordPress site, I found information I was completely confused. And some of the data was in fact over superstitious or the top. People told me to rename this file, rename this folder and set up these ten plugins. It seemed to be quite a bit of work and effort.
Backing up your site also helps in procuring from fix wordpress malware virus hackers. You must keep a copy of your files hide away in backup system so you can be certain of your database. This makes you a protected files that serves you in times of sudden down is the machine. Hackers are not as likely to steal from a bonded back up system.
The one I recommend, and the approach, is to use one of the password generation and storage plugins available on your browser. RoboForm is liked by Lots of people, but I believe after a trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those who use Internet Explorer or Firefox. That will generate passwords for you; you then use one master password to log in.
Keep control of your assets - Nothing is worse than important source getting your livelihood in somebody else's hands. Why take chances with something as important as your site?
As I (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, internet hosting, etc. accounts which all come with logins and passwords you will need to remember.
Using a plugin for WordPress security just makes sense. Backups will need to be carried out on a regular basis. Do not become a victim of not being proactive about your own 16, because!