You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
WordPress is a system that is secure but applications has their own flaws and security holes are often located on WP. This is why WP frequently releases updates. Once they discovered any vulnerability, they immediately make some changes and provide a new update . First you have to understand the areas where these plug-ins work to help you protect your investment if you wish to know about the secure your wordpress website plugin .
The one I personally recommend, and the more powerful approach, is to use one of the password creation and storage plugins available you can find out more for your browser. RoboForm is liked by people, but I think after a free trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate secure passwords for you.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. If you make changes and additions to your website, definitely more. If you make changes multiple times every day, or have a community of people that are in there all the time, a daily backup should be a minimum.
As I (our fictitious Joe the Hacker) know, people have way too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts which all come with logins and passwords you will need to remember.
These are three very simple things you can do to keep WordPress secure without plugins. Set a blank Index.html file in your folders, run your web host security scan and backup your whole account.