I'm sorry about your website hacking experience - it is never a pleasant one and can mess with your mind for quite awhile afterwards.
When i first created BPS i was in a nightmare battle with some hackers (auto attacks and direct individual attacks simultaneously). Every move i made they just blew through it like it was nothing. This went on for about 5 days until I put together what is now the secure.htaccess file. This stopped them completely, but i was holding my breath for 3 weeks afterwards when i went to check that client's site every day to see if it had been hacked.
The point I am trying to make is that when BPS is activated you can feel very confident that all attacks coming from outside of your web host will be blocked. You should still monitor your website for a week for internal or lateral attacks. If the web host has been compromised somehow then BPS will protect you from some lateral attacks, but cannot protect you from things like passwords being hacked, etc.
I personally only use BPS for website security on my websites and client's sites so i can't recommend any other plugins to go with BPS, but Login Lockdown looks like a good plugin and WP Security Scan has some nice features. There are a couple of WordPress security plugins that you should avoid. I will not mention their names, but recommend that eveyone should read the "what others are saying comments" for any plugin that they plan on installing.
Exploit Scanner is a great plugin for checking for malicious or suspicious code on your website.
What you can do to increase your website security even further is to add additional hatccess filters and rules to the BPS master files and of course your active htaccess files. htaccess files can do all sorts of neat stuff besides just providing website security. So what i recommend is that you do some Googling on "htaccess" and "htaccess website security", etc. And that is what is so great about the built-in BPS htaccess File Editor - you can add things on the fly - test em in another browser window - if your site blows up - then just remove the edit in your other browser window - no harm no foul. ;) Of course you can put the site in Maintenance Mode too so if you screw up then only you know about it. LOL Thanks.