Installing the fix wordpress malware protection Scan plugin will check most of this for you, and alert you that you may have missed. It will also tell you that a user named"admin" exists. Needless to say, that is the administrative user name. If you desire you can follow a link and find instructions for changing that title. Personally, I believe that a password is good security, and there have been no successful attacks on the numerous blogs that I run since I followed these steps.
Backup plug-ins is also significant. You want to backup all the files and database you can bring back your blog like nothing happened.
There is a section of config-sample.php that's headed"Authentication Unique Keys." There are four definitions which appear within the block. There is a hyperlink inside that section address of code. You want to enter that link into your browser, copy the contents which you get back, and then replace the keys you have with the unique, pseudo-random keys provided by the website. This makes it harder for attackers to automatically generate a"logged-in" cookie for your website.
Make a note of your password for the next time you sign in! I suggest the paid or free version of the software that is protected *Roboform* to remember your passwords.
These are some of the things I do to protect my blogs. Great thing is they try this site don't need much time to do. These are also easy options, advice which can be done easily.