Security
The two most important steps to keeping your website safe and un-hacked are:
- Look after your passwords
- Keep the Wordpress software and plugins up to date
Passwords
Use strong passwords!
- 8+ characters
- a mix of lower-case, capitals, numbers, and non-alphanumerical characters (such as underscores and punction marks)
Keep them secret.
I know this is very difficult, but using a secure online password service such as Lastpass or Passpack can really help with this.
Updating/upgrading Wordpress and plugins
I strongly recommend logging into the website as an administrator regularly (weekly, say) to check for changes on the website and to monitor for upgrades. These will be displayed on the Dashboard and it's simply a matter of following the instructions.
However, be sure to take a backup of the database and files