It's also important to change your password and admin username if someone will help you with your site and needs your admin and password username to login to do the job. Admin username and your password changes after all of the work is complete. Someone in their company may not be even if the man is trustworthy. Better to be safe than sorry!
Since scare tactics appear to be at least start considering the problem, or what drives some people to take clean hacked wordpress site a little more seriously, allow me to shoot a scare tactics your way.
Use strong passwords - Do what you can to use a strong password, alpha-numeric, with upper and lower case and pop over to this web-site special characters. Easy to remember passwords are also easy to guess!
A snap to move - If, for some reason, you want to relocate your website, like a domain name change or a new hosting company, having your files at your fingertips can save you oodles of time, headache, and the need for tech help.
BACK UP your website and keep a copy on your computer and storage. For those who have a very active site, back. You spend a lot of money and time on your website, do not skip this! The one complete solution that does it all is BackupBuddy, no additional plug-ins back up widgets your files, plugins and database. Need to move your website to another host, this will do it!
Do your homework and some hunting, but if you're pressed for time and want to get this done once and for all, try out the WordPress safety plugin that I use. It's a relief to know that my site (and company!) are secure.