Wordfence (Firewall, virus scanning, cache)
Akismet (comment spam blocking)
Jetpack (social, publishing tools, analytics)
WordPress Backup to Dropbox (as it says, backs up site content and database to dropbox)
Have as few plugins as possible. The more you have the more fragile your website becomes, and the greater the risk of hacking or crashing or just falling apart at some point in the future. I have 5 on a corporate website, and I just uninstalled 2 to help with stability and security.
If deciding between some plugins, the ones that are used by vastly more people than the other ones are usually better.
Depends on the use of your site, but I've run a fair few so I've come across some favourites.
-Cloudflare & Cloudflare Flexible SSL - needed to run correctly if you also use Cloudflare.
-bbPress - simple forum software.
-Google Analytics - Google analytics for every page.
-Google XML Sitemaps - don't need a Google account.
-PayPal Donation - if you need it.
-Visitors Traffic Real Time Statistics - simple 2 weeks of stats
-YOP Poll - simple poll plugin.
-AddToAny Share Buttons
-WP Security Audit Log - shows a log of security events.
-Akismet - cuts down on spam very well.
-WP Statistics - good statistics for your blog.
-iThemes Security - excellent security plugin, a must have in my opinion.
-Fast Secure Contact Form - a simple contact form.