Okay, you got me: WordPress security isn't the sexiest way to spend your time, but it could end up being one of the most profitable! Nothing is more caustic to the lining of your stomach than having your site go down, and wondering whether or not you've lost it all.
Finally, installing the fix hacked wordpress database Scan plugin alert you to anything that you may have missed, and will check most of this for you. It will also tell you that a user named"admin" exists. That is the administrative user name. If you desire you can follow a link and find instructions for changing that title. I believe that there is a password good security, and since I followed these steps, there have been no successful attacks on the several sites that I run.
The stronger approach, and the one I personally recommend, is to use one of the creation and storage Find Out More plugins available on your browser. RoboForm is liked by many people, but I believe after a free trial period, you have to pay for read more it. I use the free version of Lastpass, and I recommend it for those who use Internet Explorer or Firefox. That will generate passwords for you; you use one master password to log in.
Before you can delete the default admin account, you need to create a new user with administrator rights. To do this go to your WordPress Dashboard and click on User -> Create New User. Then enter all the information you will need to enter.
Now we are getting into matters specific to WordPress. You have to rename it to config.php and modify the document config-sample.php, more helpful hints when you install WordPress. You need to set up the database facts there.
However, I advise that you set up the Login LockDown plugin instead of any.htaccess controls. Login requests will stop from being allowed from a certain IP address for an hour. You may access your admin panel whilst and yet you have protection against hackers if you do that.