Finally, installing the how to fix hacked wordpress site Scan plugin will check most of this for you, and alert you that you might have missed. Additionally, it will inform you that a user named"admin" exists. That is the administrative user name. You find instructions for changing that title, if you desire and can follow a link. Personally, I believe that a password is enough security that is good, and there have been no attacks on the numerous sites that I run, since I followed these steps.
Essentially, it all will start with the fundamentals. Try using complex passwords. Use spaces, numbers, special characters, and letters and combine them to create a password that is unique. You can also use usernames that are not obvious.
Is to delete the default administrator account. This is important because if you don't do it, malicious user know a user name that they could try to crack.
Make a note of your password for the next time you sign in! I recommend the version of the software *Roboform* to remember your passwords.
Change admin username and your WordPress password, or at least your password, often and collect and use good WordPress safety tips read this to keep hackers out!