By default, the latest version of WordPress is pretty darn secure. The development team of WordPress has considered anything that might have been added to any how to fix hacked wordpress site plugins. Before, WordPress did have holes but now most of them are stuffed up.
Don't make the mistake of thinking that your hosting company will have your back as far as WordPress copies go. Not always. It has been my experience that read review the company may or might not be doing backups while they say that they do. over here Why take that kind of chance?
Should you ever wish to migrate your site elsewhere, like a new web host, you'd be able to pull this off without a hitch, and also without having to disturb your old site until the new one was in place and ready to roll.
As I (our fictitious Joe the Hacker) know, people have way too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, internet hosting, etc. accounts which all come with logins and passwords you need to remember.
Utilizing a plugin for WordPress security just makes sense. Backups need to be performed on a regular basis. Do not become a victim of not being proactive because!