I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
Cloning your site is another degree in fix wordpress malware which may be useful. Cloning simply means that you've backed up your site to a completely different location, (offline, as in a folder, in order not to have SEO problems) where you can access it at a moment's notice if the need arises.
If you're one of the proactive ones, I might find it somewhat more difficult to crack your password. But if you're among the ones that are responsive, I might get you.
Keep control of your assets - Nothing is worse than having your livelihood Recommended Site in the hands of someone else. Why take chances with something as important as your website?
Make a note of your password for the next time you this link sign in! I recommend the paid or free version of the software *Roboform* to remember your passwords.
There is another problem you have with WordPress. People know additionally they could just visit with your login form and where they can login and try out a different combination of passwords and user accounts. So as to stop this from happening you need to set up Login Lockdown. It's a plugin that allows users to attempt and login with a password three times. Following that the IP address will be banned from the server for a specific timeframe.