Additionally, it is important to change admin username and your password if someone helps you with your blog and needs your admin and password username to login to perform the work. After all of the work is finished, IMMEDIATELY change your password and admin username. Someone in their business might not be even if the man is trustworthy. Better to be safe than sorry!
Finally, fix hacked wordpress site will tell you that there's not any htaccess in the wp-admin/ directory. You can put a.htaccess file if you desire, and you can use it to control access from IP address to the directory or address range. Details of how to do that are readily available on the net.
Safeguard your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them offsite, as well as offline. Roboform is for protecting them very good . Food for thought!
Keep control of your assets that are online - Nothing is worse than getting your livelihood in the he has a good point hands of somebody else. Why take chances with something as important as your website?
As I (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts that all come with logins and passwords you will need to remember.
Don't use wp_. Web hosting providers are removing that default but if yours doesn't, adjust wp_ to anything else but that.