I just set up WPA2 & change the pass. For a residential house that is more than adequate. If its a business then its a completely different ball game...
I agree with the above on the whole, but some extra commentary:
3. Should be disabled by default anyway on well known router brands
5. Unconvinced. Extra hassle for no benefit imo
6. For a residential setup I don't see the point. Would make sense for small offices I guess.
7. Disagree. Some devices can't connect to hidden SSID & it won't stop anyone who can bypass