Since scare tactics appear to be at least start considering the problem, or what compels some people to take repair hacked wordpress site a bit more seriously, allow me to shoot a scare tactics your way.
Strong passwords - Do what you can to use a password, alpha-numeric. Easy to remember passwords are also easy to guess!
Maintain control of your assets that are online - Nothing is worse than getting your livelihood in someone else's hands. Why take chances with something as important as your website?
Can you view that folder, Imagine if you visit WP-Content/plugins? If so, upload that blank Index.html file inside that visit site folder as well so people can not view you could look here what plugins you might have. Someone can use that to get access because if your current version of WordPress is current, if you're using a plugin or an old plugin using a security hole.
These are a few of the things I do to secure my blogs. Thing is that they don't require much time to do. These are also options, which can be done easily.