Here is what I learned from Galin Morgigno:
6 Best WordPress Security Plugins List
No. 1 – WP Security Scan Secure Scan strengthens the security for your WordPress installation by scanning your site for security vulnerabilities and suggesting methods in which your can fix the problem.
No. 2 – WP MalWatch WP-MalWatch is a WordPress security plugin scanner designed to help alert you when hackers have been at work inside your blog. When hackers infiltrate a blog, the first thing they do is plant hidden files, disguised and malicious in various directories. Their goal is to litter your WordPress installation and theme with links to their sites.
No. 3 – WP Secure WP Secure plug-in provides secure WordPress installation by hiding your WordPress plug-in directory and version from non-admin users or visitors. Hackers normally use this information to hack there way into a blog, so by adding this plug-in you can maximize your website blog security.
No. 4 – Website Defender WordPress Security The Website Defender WordPress Security plug-in is a free and comprehensive security tool that helps you secure your WordPress installation and suggests corrective measures for: strengthening passwords, securing file permissions, security of the database, version hiding, WordPress admin protection and lots more.
No. 5 – Akismet Akismet checks your comments against the Akismet web service to see if they look like spam or not and lets you review the spam it catches under your blog’s “Comments” admin screen. Akismet comes pre-installed with WordPress, although you’ll need to apply for an API key to use it. You can do this through Akismet’s options panel in the Dashboard.
No. 6 – BackWPUp BackWPUp is a truly excellent plugin that can back up both your files and database, then send them to multiple locations such as Amazon S3, FTP, Dropbox etc. You can select exactly what folders and tables you want to backup, and also schedule automatic backups. A truly handy plugin that is free.