I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
There's a portion of config-sample.php that's led'Authentication Unique Keys.' You will find four explanations that appear inside the block. There's a hyperlink secure your wordpress website within that section of code.You change, copy the contents that you return, and have to enter that link into your browser. That makes it harder for attackers to create a'logged-in' dessert for your website.
The stronger approach, and the one I recommend, is to use one of the password creation and storage plugins available on your browser. I think after a free trial period, you have to pay for it, although many people like RoboForm. I use the free version of Lastpass, and I recommend it for those of you who use Firefox or Internet Explorer. That will generate secure passwords for you.
You should also place the"Anyone Can Register" in Settings/General to away, and you should have some sort of spam plugin. Akismet is the old standby, the anonymous one I use, but there are lots of them nowadays.
As I next page (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two blog logins, FTP, internet hosting, etc. accounts which all include logins and passwords you need to remember.
Change your WordPress password and admin username, or at least website here your password and collect and utilize good WordPress security tips to keep hackers out!