Finally, installing the fix wordpress malware virus Scan plugin alert you that you may have missed, and will check all this for you. It will also inform you that a user named"admin" exists. Needless to say, that is your administrative user name. You find directions if you desire and can follow a link. Personally, I believe that there is a strong password enough protection that is good, and there have been no successful attacks on the several sites that I run since I followed these steps.
I protect an access to important files on the site's server by placing an index.html file in the particular directory, that hides the files from public view.
Keep your WordPress Installation up to date - One of the easiest and most valuable tasks you can do yourself is to ensure that your WordPress installation is upgraded. WordPress gives you a this hyperlink notice in your dashboard, so there is really no reason to not do this.
As I (our untrue Joe the Hacker) know, people have way too many usernames and passwords to remember. You've got Twitter, Facebook, your online explanation banking, LinkedIn, two blog logins, FTP, web hosting, etc. accounts which all come with logins and passwords you need to remember.
Do not use wp_ as a prefix for your databases. That default is being eliminated by most web hosting providers but if yours doesn't, adjust wp_ to anything but that.