Last year and a half taught us that WordPress security should not be dismissed by any means. Between 15% and 20% of the world's high traffic websites are powered by WordPress. The fact it is an Open Source platform and everyone has access to its Source Code makes it a prey for hackers.
There's a part of config-sample.php that's headed'Authentication Unique Keys.' Four explanations that appear within the block will be found by you. A hyperlink is fix wordpress malware fix within that section of code.You change, copy the contents which you return, and must enter that link into your browser. This makes it harder for attackers to rapidly generate a'logged-in' dessert for your website.
This is great news as it means that there is a strong community of users and developers that can further enhance the platform. However there is a group there will always be people who will try to take them down.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly look at this website "full" backup. More, if at all possible. Definitely, if you make changes and frequent additions to your website. If you make changes multiple times a day, or have a community of people which are in there all the time, a backup should be a minimum.
As I (our untrue Joe the Hacker) understand, people have way too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two blog content logins, FTP, internet hosting, etc. accounts which all come with logins and passwords you need to remember.
I prefer to use a WordPress plugin to get the work done. Just make sure is able to do backups, has restore and can replicate. Also be sure that it is often updated to keep pace with all versions of WordPress. There is not any use in backing up your data to a plugin that's out of date, and not functioning.