I don't know about you, but I researched to find out what others were doing to keep their blog safe, and when I first secured my WordPress site, I found so much information that I was confused. And some of the data was in fact on superstitious or the top. People told me rename this folder, to rename this file and set up these ten plugins. It seemed to be quite a bit of effort and work.
Finally, rename your login url to secure your wordpress website will even tell you that there is not any htaccess from the directory. You can put a.htaccess file if you wish, and you can use it to control access to the directory or address range. Details of how to do this are readily available on the internet.
Protect your login credentials - Do not keep your login credentials where they might be found by a hacker. Store them offsite, and even offline. Roboform is good for protecting them, check my reference too. Food for thought!
Keep your WordPress Setup to date - One of the easiest and most valuable tasks you can do yourself is to make sure your WordPress installation is updated. WordPress gives you a notice on your dashboard, so there's really no reason not to do this.
Install the WordPress Firewall Plugin. Prevent and this plugin investigates web requests with WordPress-specific heuristics that are easy to identify attacks.
But realize that security is something that see this here you must start thinking about. Don't just be the type that is reactive, consider steps to start today, protecting yourself. Don't let Joe the Hacker make your life miserable and turn everything that you've worked hard.