It looks like the plugin security measures recommended on DreamHost's Harden WordPress page, plus a lot of the other security measures people recommend here, could all be handled by using Akismet plus the Better WP Security plugin, rather than a separate plugin for each function (backup, slowing down password crackers, backing up the site, .htaccess rewrites...)
However, Better WP Security is powerful enough to easily break things.
What have people's experiences been? Recommendations? I'm just getting into the security end of WordPress and want to avoid learning reams of tech stuff, if possible.