A half and last year taught us that WordPress security should not be dismissed by any means. Between 15% and 20% of the planet's high traffic websites are powered by WordPress. The fact it is an Open Source platform and everybody has access to its Source Code makes it a prey for hackers.
By default, the newest version of WordPress is pretty secure. Anything which may have been added to some how to fix hacked wordpress plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but most of them are filled up.
Strong passwords - Do your best to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are also easy to guess!
Yes, you want to do regular backups pop over here of your site. I recommend at least a weekly database backup and a monthly "full" backup. More, if possible. If you make additions and changes definitely more. If you have a community of people that are in there all the time, or make changes multiple times every day, a backup should be a minimum.
It's time use this person's name and identity and to sign up for a Facebook accounts. Once I get it all More Bonuses set up, I'll be emailing you posing as your friend and asking you to be friends with me on Facebook (or Twitter, or whichever More Bonuses societal site).
Software: If you have installed scripts that are free search Google for'wordpress security'. You will get tips.