Last year and a half educated us that WordPress security shouldn't be dismissed by any means. Between 15% and 20% of the planet's high traffic sites are powered by WordPress. The fact it is an Open Source platform and everyone has access to its Source Code makes it a prey for hackers.
Backing up your site also assists in securing from secure your wordpress site hackers. You must keep a copy of your documents hide away in backup system that you can be confident of your database. This makes you a protected files that serves you in times of down is the system. Hackers are not as likely to steal from a secured back up system.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, which hides the files check out of public view.
First in line is currently creating a smarter password for your account. Passwords must be made with numbers and characters. You make plus shifted letters and can combine them. Smarter passwords can be your gateway to zero hackers. Make passwords that only you can think of.
You may extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. I think this plugin is a good option and you can use it for free.
Implementing all the above will take less than an hour to finish, while creating your WordPress site more resistant to intrusions. Over 1 million WordPress websites were cracked last year, mainly due to easily preventable safety gaps. Have yourself prepared and you're likely to be on the safe side.