In my view, the best way to make sure that your WordPress security is via using a fix hacked wordpress site backup plugin. This is a relatively inexpensive, easy and elegant to use way to make sure your site is accessible to you in case of a disaster.
The more powerful approach, and the one I personally recommend, is to use one of the password creation and storage plugins available for your browser. People like RoboForm, but I believe after a free trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate secure passwords for you.
So what is the best solution you should pick? Out of all of the options you can make, which one should you choose and which one is right for you specifically at the moment?
Upgrade today if you're not currently running the latest version of WordPress. Similar to keeping your navigate to this site door unlocked when you leave for vacation leaving your website on an old version is.
Implementing all of the above will probably take less than an hour to complete, while making your WordPress website much more immune to intrusions. Sites were this past year, mainly due to easily preventable safety gaps. Have yourself prepared and you are likely to be on the safe side.