As of now, WordPress is already powering 48 of the top blogs online. Apart from that, WP can also be powering 19 percent of the net as a whole. It means that WordPress is actually trusted by a lot of people whenever they want instant creation of sites and blogs.
By default, the latest version of WordPress is pretty darn secure. Anything which may have been added to any rename your login url to secure your wordpress website plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but most of them are stuffed up.
Strong passwords - Do what you can to use a password, alpha-numeric. Easy to remember passwords are easy to guess!
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. Definitely more if you make changes and additions to your website. If you have a community of people that are in there all the time, or make changes multiple times a day, a daily backup should be a minimum.
As I (our untrue Joe the Hacker) understand, people have far too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts which all include logins read here and passwords you need to remember.
Whenever your site is new, you do consider needing security but you do have to protect your investment and yourself. Having a site go down and not having the ability to restore it quickly can mean a loss of consumers who probably won't remember to search for your website again later and can not find you. Do not let this happen to you. Back up your site as soon as you get it started, as the site is operational, and schedule backups for as long. This way, you will have WordPress security and peace of mind.