I back my blogs using a plugin WP DB Backup up. I can always restore my website if anything happens. I use WP Security Scan plugin that is free to scan my site frequently and suspicious-looking requests to be blocked by WordPress Firewall to fix hacked wordpress site.
The one I personally recommend, and the more powerful approach, is to use one of the password generation and storage plugins available on your browser. RoboForm is liked by Lots of people, but I think after a trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will click resources generate secure passwords for you.
Exploit Scanner goes seeking anything suspicious through the files on your website comment database and place tables. It also notifies you for plugin names. It doesn't remove anything, it warns you for threats.
Another step to take to make WordPress secure is to upgrade WordPress to the latest version. The main reason behind this is that there also come fixes for security holes that try this website are older which makes it essential to upgrade.
Implementing all of the above will take less than an hour to complete, while making find here your WordPress site more resistant to intrusions. Websites were last year, mainly due to preventable safety gaps. Have yourself prepared and you are likely to be on the safe side.