Since scare tactics seem to be at least start considering the issue, or what compels some people to take rename your login url to secure your wordpress website a bit more seriously, allow me to shoot a couple of scare tactics your way.
It all will start with the basics. Try using passwords. Use spaces, numbers, special characters, and letters and combine them to create a password. You could use.
You need to create a new user, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Then enter all of the information click over here now you need to enter.
In addition to adding a secret key to your wp-config.php document, also consider altering your user password into something that is strong and unique. WordPress will tell you the strength of your password, but include numbers, use letters, and a good idea is to avoid common phrases. It's also a good idea to change your password frequently - say once every six months.
I prefer to use a WordPress plugin to get the work done. Just make sure the plugin you look at here now select is able to do select copies, has restore and can clone. Be sure it is often updated their website to keep pace with all new versions of WordPress. There's absolutely no use in not working, and backing your data up to a plugin that's out of date.