Being that we've been hacked and slammed hard, I feel that it's appropriate for me to put in input here...

1. Make sure all of your wordpress sites, CMS's, etc. are all updated!
2. Monitor your server, if at any time you ever see any folder named "paypal" immediately delete it. IMMEDIATELY. This opened a firewall for us and a hacker snuck in through the paypal directory and placed files in that directory which read all backend key strokes and reported it to him.

Now....
Use a different password for every site. We used the same. That's how the virus wiped us out costing us a shit load of money in damage.

We use 15 charactars consisting of uppercase, lowercase, numbers, and symbols.
Do not use numbers in a row. One of ours was 4321 in a password.

I would use what everyone else here has suggested.