Well, you have to ask yourself “Secure enough for what?” I doubt you are a bank or other institution that needs exceptionally high security. If you were you’d a team of $100,000+ per year experts to answer this question for you.
With that in mind…
You’d have to subvert the WordPress login system to get past that code. I am sure that is possible but if your passwords are solid it should be pretty difficult. It isn’t going to be a “put a null-byte in the query string” kind of a hack. It should be secure enough for most purposes.
On thing to worry about is that both is_user_logged_in
, and wp_get_current_user
upon which it depends, are both pluggable (nonsensically so to my mind) meaning that a malicious plugin, or just a badly written one, could completely destroy your security.