Currently i have 49 plugins active in my self-hosted WP run site.
Here are my top and must-have plugins.(I'm not stating the already famous ones like all-in-one seo, xml sitemaps, db-manager, etc...)
AntiVirus - AntiVirus for WordPress is a smart and effective solution to protect your blog against exploits and spam injections
Broken Link Checker - Checks your posts for broken links and missing images and notifies you on the dashboard if any are found
Math Comment Spam Protection - Asks the visitor making the comment to answer a simple math question.
No Disposable Email - This plugin prevent people from registering with a disposable email addresses like the one provided by mailinator.
Nofollow Tag Cloud - Inserts rel='nofollow' in links generated by wp_tag_cloud(), and optionally the_tags()
Redirection - Manage all your 301 redirects and monitor 404 errors
Register Plus - WordPress 2.5+ ONLY. Enhance your Registration Page. Add Custom Logo, Password Field, Invitation Codes, Disclaimer, Captcha Validation, Email Validation, User Moderation, Profile Fields and more.
User Locker - This plugin locks user account after given number of incorrect login attempts.
WP-Login-Vkb - Displays a virtual, on-screen keyboard to enter the wordpress password in a safer way, for example in internet cafés.
WP Security Scan - Perform security scan of WordPress installation.
WordPress Exploit Scanner - This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.
Any questions are welcome
I highly recommend the ones in RED for added security in your blog. If you need to use any just copy the name from here and search it from your plugin section in your admin panel.