Year and a half educated us that WordPress security should not be dismissed by any means. Between 15% and 20% of the world's high traffic sites are powered by WordPress. The fact that it is an Open Source platform and everybody has access to its Source Code makes it a prey for hackers.
The secure your wordpress website Codex has an outline of what permissions are okay. Directory and file permissions can be changed either through an FTP client or within the page from the hosting company.
The one I recommend, and the approach, is to use one of the password creation and storage plugins available for your browser. I believe after a free trial period, you have to pay for it, although people like RoboForm. I use the free version of Lastpass, and I recommend it for those of you who use Internet Explorer or Firefox. That will generate secure passwords for you; you then use one master password to log in.
For me it's a WordPress plugin. They are drop dead easy to install, have all the functions you need for a job like this, and are relatively cheap, especially when compared to having to hire someone to get this done for you.
Another step to take to make WordPress secure is to upgrade WordPress to the latest version. The main reason for this is that there come fixes for security holes which makes it essential to upgrade Check This Out early.
Keep in mind that the security of your blogs depend on how you handle them. Be certain that you follow these basic tips to prevent hacks and exploits on your blogs and websites.