Finally, installing the repair hacked wordpress site Scan plugin alert you that you may have missed, and will check most of this for you. It will also tell you that a user named"admin" exists. Needless to say, that is the administrative user name. You find instructions if you desire and can follow a link. I believe that a strong password is good security, and since I followed those steps, there have been no attacks see this website on the numerous sites that I run.
The more powerful approach, and the one I recommend, is to use one of the creation and storage plugins available on your browser. People like RoboForm, but I think after a trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate secure passwords for you.
It's a WordPress plugin. They're drop dead easy to install, have all the features you need for a job like this, and are relatively inexpensive, especially when compared to having to employ someone to get this done for you.
Install the WordPress Resources Firewall Plugin. Stop and this plugin investigates web requests to identify find more info attacks that are obvious.
The plugin should be updated have WordPress cloning, play nice and to remain current with the latest WordPress release and restore capabilities. The ability to clone your website (along with regular backups) can be helpful if you ever want to do an offline website redesign, among other things.