It's a vicious world. There are immoral technophiles who would love to hack into your WordPress website and create havoc all over your important files and data. Luckily, you can take the following steps to hinder that:
Keep your Plugins up to the minute:
In accordance with WP White Security, plugins account for more than half of all protection susceptibleness in WordPress installation. That figures and enumerations are confirmed by recent reports.
Evade utilizing the "Admin" user name:
Accomplished WordPress technophiles are quite friendly with default installation. They know very well that "admin" is frequently designed as the default administrator account and they might attempt a presumed "brute force" hack with that user name.
Utilize a robust password:
A foremost practice is to utilize a password with not less than 12 characters. Those characters should comprise a mixture of numbers, symbols, and letters in uppercase and lowercase. The password shouldn't be located in the dictionary, either - it should appear to be balderdash to the naked eye.
Source: What are some good ways to protect a Wordpress site from hackers?