Installing the secure your wordpress site Scan plugin will check most of this for you, and alert you that you might have missed. Additionally, it will tell you that a user named"admin" exists. That is your administrative user name. If you desire you can follow a link and find directions for changing that name. Personally, I think that a strong password is good protection, and because I Find Out More followed these steps, there have been no attacks on the numerous sites that I run.
Backup plug-ins is also important. You want to backup database and all the files you can easily bring your site back like nothing happened.
A snap to move - If, for some reason, you want to relocate your website, like a domain name change or a new hosting company, having your files at your fingertips can save you oodles of time, hassle, and the need for tech help.
As I (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, you can check here LinkedIn, two blog logins, FTP, web hosting, etc. accounts which all come with logins and passwords you will need to remember.
Just make sure you decide on a plugin that's current with release and the current version of WordPress, and which you may schedule, restore and replicate.