Cloning your site is another level in fix wordpress malware plugin that may be very useful. Cloning simply means that you've backed up your website to a totally different place, (offline, as in a folder, in order to not have SEO issues ) where you can get it at a moment's notice if the need arises.
The approach, and the one I recommend, is to use one of the password creation and storage plugins available on your browser. I think site here after a trial period, you need to pay for it, although RoboForm is liked by Lots of people. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate passwords for you.
It's a WordPress plugin. They're drop dead easy to install, have all the functions you need for a task like this, and are relatively inexpensive, especially when compared to having to hire someone to have this done for you.
Security plug-ins that were all-Rounder can be considered as a security checker that was full. They provide you with information about the weaknesses of the website and scan and check the website.
Utilizing a plugin for WordPress security just makes sense. Backups need to be carried out on a regular basis. Do not become a victim because of not being proactive!