6 simple things for keeping your WordPress Secure Keep Offline Backups. Keep WordPress up-to-date (Core, Themes, Plugins). Change your password at least once a month. Set Strong Passwords for your login. 12 Characters at least, use capitals, numbers and punctuation marks. Delete Unnecessary Themes and Plugins. Keep only what you need. Install a Firewall plugin. Next Post Best security practices for WordPress website owners