You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
Installing the fix wordpress malware scanner Scan plugin alert you to anything that you may have missed, and will check all this for you. It will also inform you that a user named"admin" exists. That is the administrative user name. If you desire you can follow a link and find instructions for changing that name. Personally, I believe that a strong password is enough protection that is good, and there have been no successful attacks on the sites that I run, since I followed those steps.
A simple way would be to use a few tools that are built-in. To begin with, do not allow people run a web host security scan to list the files in your folders and automatically backup your whole web hosting account.
In case you ever want to migrate your site elsewhere, like a new hosting company, you'd be able to pull this off without a hitch, and also without news having to disturb your old site until the new one was set up and ready to roll.
Take note of your password for the next time you sign in! I suggest the version of the secure software *Roboform* to remember your passwords.
The plugin should be updated play nice with your other plugins to stay current with the latest WordPress release and have WordPress cloning and restore capabilities. The ability to clone your website (along with regular backups) can be helpful if you ever need to do an offline site redesign, among other things.