In my opinion, the best way to ensure that your WordPress security is via using a repair hacked wordpress site backup plugin. This is a relatively inexpensive, elegant and easy to use way to be sure your website is available to you.
Safeguard your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them offsite, and even offline. Roboform is for Discover More protecting them good , too. Food for thought!
This is quite handy plugin, protecting you against brute-force strikes that are password-crack. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts for a selection of IP addresses when a certain number of attempts is reached.
Take note of your password! I recommend the paid or free version of the software that is protected *Roboform* to remember your passwords.
Don't use wp_ as a prefix for your own databases. That default is being eliminated by most web hosting providers but if yours doesn't, adjust wp_ to anything else but that.