Since scare tactics appear to be what drives some people to take repair hacked wordpress site a little more seriously, or at least start considering the issue, allow me to shoot a scare tactics your way.
I might find it a little harder to crack your password if you're among the ones. But if you're one of the ones, Bonuses I might just get you.
Maintain control of your assets - Nothing is worse than having your livelihood in the hands of somebody else. Why take chances with something as important as your website?
In addition to adding a secret key to your wp-config.php file, also think about altering your user password into something that's strong and unique. WordPress will tell you the strength of your password, but include amounts, use letters, and a good idea is to avoid common phrases. It's also a good idea to change your password regularly - say once.
Free software: If you have installed scripts that are free search Google for'wordpress security'. You'll get many tips.