There are millions of blogs. Money is being made by some people and some don't. Most of the bloggers use WordPress at the moment. You will need to make certain that your blog is protected.
You can purchase security plugins . There are safety plugins out there that guarantees optimum security for your own blog. One is known as how to fix hacked wordpress Scan. The system is continuously scanned by this plugin for enhancing the security. Additionally, it updates the security that new hackers cannot penetrate the system.
The approach, and the one I personally recommend, is to use one of the password creation and storage plugins available on your browser. RoboForm is liked by people, but I believe after a trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate passwords for you; then you use one master password to log in.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. Definitely more if you make additions and changes to your website. If you have a community of people that are in there all the time, or make changes multiple times a day, a daily backup should be a minimum.
As I (our untrue Joe the look here Hacker) understand, people have way too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, internet hosting, etc. accounts which all come with logins and passwords you need to remember.
Implementing all of the above will probably take less than an hour to finish, while making your WordPress website much more immune to intrusions. Over 1 million WordPress sites were cracked last year, mainly due to preventable security gaps. Have yourself prepared and you're likely to be on the safe my sources side.