Looks like your figuring out your usage questions on your own. Great stuff. Just beware of third party extensions for mysql/php errors that can effect your security. Most programmers never find out until after its happened. i.e. you are the beta tester! but you lose your site for the benefit.
I also suggest using JSecure to hide your admin page and deleting the admin ID62 USER profile as these are common access points on a shared web server. Create a new super admin. Logout. Reduce old admin to Author. Log out. Then delete that Author ID62.
Check here http://docs.joomla.org/Security_Checklist_7