Cloning your site is just another degree in fix malware problem that can be very useful. Cloning simply means that you have backed up your website to a totally different place, (offline, as in a folder, so as not to have SEO problems) where you can access it at a moment's notice if necessary.
Is also important. You want to backup all the files and database so in case of a sudden attack, you can easily bring back your blog like nothing happened.
Yes, you want to do regular backups of your website. I recommend at least a weekly database backup and a monthly "full" backup. More, if at all possible. Definitely more if you make changes and frequent additions to your site. If you make changes multiple times a day, or have a community of people that are click here to read in there all the time, a backup should be a minimum.
As I (our fictitious Joe the Hacker) understand, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts which all come with logins and passwords you need to remember.
There is. People know additionally they could drop by with your great post to read login form and where they can login and try a different combination of passwords and user accounts out. So as to prevent this from happening you want to set up Login Lockdown. It is a plugin that allows users to attempt to login with a password three times. After that the IP address will be banned from the server for a certain timeframe.