Internet marketers create blogs and websites to offer services and their products. Basically, their goal is to make money. This is the reason why the majority of the website owners only focus on the website's rank as well as the design and its contents. Well, users do not actually care about other things aside from the contents of your website and the design. They will not even care about the safety of site or your blog. However, by creating a website, even if security is not your concern, it has to be your top priority.
Since scare tactics appear to be at least start considering the issue, or what compels some people to take fix wordpress malware protection a bit more seriously, allow me to shoot a scare tactics your way.
The one I recommend, and the approach, is to use one of the generation and storage plugins available on your browser. RoboForm is liked by people, but I think after a trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those who use Internet Explorer or Firefox. That will generate passwords for you.
Yes, you want to do regular backups of your website. I recommend at least a weekly database backup and a monthly "full" backup. More, if at all possible. Definitely more if you make changes and additions to your site. If you make changes multiple times every day, or have a community of people which are in there all the time, a daily backup should be a minimum.
Pathological-looking phrases that were whitelists and black based on Continue which area they appear inside, in a page request. (unknown/numeric parameters vs. known article bodies, remark bodies, etc.).
Those are three simple things you can do to keep WordPress safe without plugins. Put a blank Index.html file in your folders, run your web host security scan and backup your whole account.