Create a New User Account:
It is harder for a hacker to break into your blog when both the username and the password have to be cracked. That is why you should create a new user and delete the WordPress default “admin”.
You create a user by going into “Users” then “Add New” in the WordPress menu. When creating the new user, make sure to give it the role as an “Administrator”. That will make sure that you have the full authority over your blog.
Now simply logout from your default “admin” account and log in with the new user details. In “Users” you can delete the default admin username. Make sure to choose the option to transfer your old posts to your new username when deleting the “admin” account.
Use a Strong Password:
Do not use simple passwords when creating the new user account. It might be simple for you to remember it, but it is also easier for a hacker to crack it. Your password should be at least eight characters long and should include numbers mixed with characters in uppercase and lowercase.
Set a New Nickname:
You do not want your new username to be the author name that is shown on all posts. Set the nickname WordPress uses as author name to something different than your username. You do this in “Users” under “Your Profile” in the Nickname field. Choose a new nickname and set “Display name publicly as” to your new nickname.
Use Login LockDown Plugin:
Login LockDown plugin records the IP address and timestamp of every failed login attempt to your WordPress blog. If more than a certain number of login attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
Do Not Allow Guest User Registrations:
If you do not have a membership blog, then there is no reason to allow visitors to register for a guest account on your blog. To check that you’ve got registration turned off, click “Settings” and make sure that “Anyone can register” option is not checked.
Always Upgrade:
Always upgrade to the latest version of WordPress, latest version of your WordPress theme and latest version of plugins you use. One of the reasons for new versions of software and plugins, is the security vulnerability found in older versions. With WordPress 2.7+ all of these upgrades are simple, automated, one-click processes within the WordPress interface.
Backup Regularly:
Taking regular backups is important. In case if something happens, use can always use the backup to recover your blog files. WordPress Database Backupplugin makes it simple to backup your files. Activate the plugin and set it to automatically take backups and send them to a file in your email address.