Installing the fix malware problems free Scan plugin will check all this for you, and alert you that you may have missed. Additionally, it will inform you that a user named"admin" exists. That is the user name. If you desire you can follow a link and find directions for changing that title. I think that there is a strong password security that is good, and there have been no attacks on the sites that I run, since I followed these steps.
The one I recommend, and the stronger approach, is to use one of the creation and storage plugins available for your browser. RoboForm is liked by many people, but I believe after a trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those of you who use Firefox or Internet Explorer. That will generate passwords for you.
You also need to Bonuses place the"Anyone Can Register" in Settings/General to away, and you ought to have some type of spam plugin. Akismet is the one I use, the visit homepage old standby, but there are lots of them these days.
Can you view that folder what if you visit WP-Content/plugins? If so, upload this blank Index.html file inside that folder as well so people can't see what plugins you might have. Someone can use this to get access because even if your version of WordPress is current, if you are using a plugin or an old plugin using a security hole.
Implementing all of the above will probably take less than an hour to finish, while making your WordPress website much more immune to intrusions. Over 1 million WordPress sites were cracked this past year, largely due to easily preventable security gaps. Have yourself prepared and you're likely to be on the safe side.