A half and last year educated us that WordPress security shouldn't be dismissed by any means. Between 15% and 20% of the world's high traffic websites are powered by WordPress. The fact it is an Open Source platform and everyone has access to its Source Code makes it a tempting prey for hackers.
If you don't have good protection on your site, files can easily get lost. Some of those files may be stored on your computer and easily replaceable, but what about the rest of them? If you lose the first time to them where will you get them from again? Especially for sites which have been in business for quite a very long time, clean hacked wordpress site is vital. Often sites have created a number of files and have a lot of data. Recreating all that are a nightmare, and not something any business owner wants to do.
Use strong passwords - Do your best to use a password, alpha-numeric, with upper and article lower case and special characters. Easy to remember passwords are also easy to guess!
It's a WordPress plugin. They are drop dead simple to set up, have all the functions you need for a job like this, and are relatively cheap, especially when compared to having to employ someone to have this done for you.
Now it's time use this person's name and identity to pose as your buddy and to this link sign up for a Facebook accounts. After I get it all set up, I'll be telling you posing as your friend and asking you to be friends with me on Facebook (or Twitter, or whichever societal site).
Implementing all of the above will take less than an hour to complete, while making your WordPress website much more resistant to intrusions. Websites were last year, largely due to preventable security gaps. Have yourself prepared and you're likely to be on the safe side.