Year and a half taught us that WordPress security shouldn't be dismissed by any means. Between 15% and 20% of the world's high traffic sites are powered by WordPress. The fact it is an Open Source platform and everybody has access to its Source Code makes it a tempting prey for hackers.
The how to fix hacked wordpress Codex has an outline of what permissions are okay. File and directory permissions can be changed via an FTP client or within the administrative page from your hosting company.
Use strong passwords - Do what you can to use a password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
Should you ever want to migrate your website elsewhere, like a new web host, you'd have the ability to pull this off without a hitch, and also without having to disturb your old site until the new one was set up and ready to roll.
Another step to take to make WordPress more secure is to always upgrade WordPress to the latest version. The main reason for this is that you could try these out there also come fixes for security holes making it essential to update.
Implementing all the above will take less than an hour to finish, while creating your WordPress website considerably more immune to intrusions. Sites were cracked last year, mainly due to easily preventable security gaps. Have yourself prepared and you are likely to be on the safe side.