Finally, clean hacked wordpress site will also tell you that there is no htaccess in the directory. You may put a.htaccess file into this directory if you wish, and you can use it to control access to the wp-admin directory by IP address or address range. Details of how to do that are available on the net.
The stronger approach, and the one I personally recommend, is to use one of the password creation and storage plugins available on your browser. I believe after a free trial period, you have to pay for it, although RoboForm is liked by people. I use the free version of Lastpass, and I recommend it for those of you who use Firefox or Internet Explorer. That will generate passwords for you; you then use one master password to log in.
Keeping your WordPress website up-to-date is one of the easiest things you can do. For news the past couple of versions, the you can find out more ability to install updates has been included by WordPress. A new update becomes available.
Install the WordPress Firewall Plugin. This plugin investigates web requests with WordPress-specific heuristics that are simple to identify and stop obvious attacks.
But realize that online security is. Don't only be the reactive type, consider action to begin today protecting yourself. Don't let Joe the Hacker make your life miserable and turn everything that you've worked hard in creating come crashing down in a matter of seconds.