Finally, installing the rename your login url to secure your wordpress website Scan plugin will check all this for you, and alert you that you might have missed. Additionally, it will inform you that a user named"admin" exists. That is your user name. If you desire, you can follow a link and find directions for changing that name. I personally think that a strong password is good enough protection, and there have been no successful attacks on the numerous sites that I run, since I followed these steps.
I protect an access to important files on the site's server by putting an index.html file in the particular directory, which hides the files from public view.
You first need to create a user with administrator rights before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Enter all of the information you will need to enter.
As I (our fictitious Joe the Hacker) know, people have far too many usernames and imp source passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts which all come with logins and passwords you need to remember.
There is another problem you have with WordPress. People know they could just drop by your login form and where they can login and try a different combination of user accounts and passwords outside. In order to stop this from happening you need to set up Login Lockdown. It is a plugin that only lets users try and login with a wrong password three times. Following that the IP address will sites be banned from the server for a specific amount of time.