You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
Since scare tactics seem to be at the very least start considering the issue, or what drives some people to take fix malware problem a little more seriously, allow me to shoot a few scare tactics your way.
Strong passwords - Do your best to use a password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are also easy to guess!
Should you ever want to migrate your site elsewhere, such as a new web host, you'd be able to pull this off without a hitch, and also without having to disturb your old site until the new one was set up and ready to roll.
As I (our fictitious Joe the Hacker) understand, people have way too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts that all come with logins and passwords you will need to remember.
I prefer to use a WordPress plugin to get the job done. Just make sure the plugin you choose is able to do copies, has restore and can clone. Also be sure it is often updated Continue to keep pace. There's absolutely not any use in not working, and backing your data up to a plugin that's out of date.