The fix wordpress malware fix Codex has an outline of what permissions are okay. File and directory permissions can be changed either via an FTP client or within the administrative page from your web host.
Use strong passwords - Do what you can to use a password, alpha-numeric. Easy to remember passwords are also easy to guess!
You must create a user with administrator rights, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Enter all of the information you need to enter.
Make a note of your password to the next time you sign in! I suggest the free or paid version of the software that is protected *Roboform* to remember your passwords.
There is. People know additionally additional resources they could visit with your login form and where they can login and try a different combination of user accounts and passwords out. So visit homepage as to stop this from happening you need to set up Login Lockdown. It's a plugin that allows users to try and login with a Our site wrong password three times. Following that the IP address will be banned from the server for a specific timeframe.