Finally, secure your wordpress site will also inform you that there's not any htaccess inside the directory. You may place a.htaccess record in to this directory if you would like, and you can use it to handle the wp-admin directory by Ip Address address or address range. Details of how you can do this are plentiful around the net.
The approach, and the one I recommend, is to use one of the password generation and storage plugins available for your browser. I think after a free trial period, you need to pay for it, although RoboForm is liked by people. I use the free version of Lastpass, and I recommend it for those who use see post Firefox or Internet Explorer. That will generate passwords for you; then you use one master password to log in.
Recently, the blog of Reuters was murdered by an unknown hacker and posted a news article. Because of what the hacker did since Reuters is a news site, useful site their reputation is destroyed. The same thing may happen to you in the event you do not pay attention.
Imagine if you go to WP-Content/plugins, can you see that folder? If so, upload this blank Index.html file into that folder as well so people can not view what plugins you might have. Because if your version of WordPress is current, if you're using an old plugin or a plugin with a security hole, then someone can use that to get access.
Free software: If you've installed scripts that are free like Wordpress, search Google for'wordpress security'. You'll get many tips on reference the best way to create your WP blog secure.