Additionally, it is important to change your password and admin username if someone will help you with your blog and needs your password and admin username to login to perform the job. Admin username and your password changes, after all of the work is complete. Someone in their business may not be if the man is trustworthy. Better to be safe than sorry!
Since scare tactics appear to be what drives some people to take secure your wordpress website a little more seriously, or at the very least start considering the issue, allow me to shoot a few scare tactics your way.
The one I recommend, and the more powerful approach, is to use one of the password creation and storage plugins available on your browser. Many people like RoboForm, but I believe after a trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those of you who use Internet Explorer or Firefox. That will generate secure passwords for you.
A snap to move - If, for some reason, you want to relocate your website, like a domain name change or a new hosting company, getting your files at your fingertips can save you oodles of time, headache, and the need for tech help.
As I (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts that all include logins and passwords you need to remember.
Utilizing a plugin for WordPress security makes great sense. WordPress backups great site will need to be carried out on a regular basis. Don't become a victim because of not being proactive about your own site!