Preserve headers/logos underneath 125 pixels high. It takes up beneficial viewing space, primarily for laptop users, that is ideal left for the good stuff to appear"above the fold." Take a cue from the massive businesses, straightforward logos completed nicely say it all. This is our #1 pet peeve - screaming logos and headers!
Installing the rename your login url to secure your wordpress website Scan plugin will check most of this for you, and alert you that you may have missed. Additionally, it will inform you that a user named"admin" exists. Needless to say, that is the user name. If you desire, you can follow a link and find directions for changing that name. I personally believe that there is a password security that is good, and there have been no successful attacks on the sites that I run because I followed those steps.
Safeguard your login credentials - Do not keep your login credentials where they might be found by a hacker. Store them offsite, as well as offline. Roboform is good for protecting them. Food for thought!
Exclude pages - This plugin provides a checkbox,"include this page in menus", which can be checked by a fantastic read default. If you uncheck it, the page will not appear in any recommended you read listings of pages (which contains, and is ordinarily limited to, your page navigation menus).
It's really sexy to fan the flames of fear. That is what journalists and bloggers and politicians and public figures mostly do. It's great for readership and it brings money. Balderdash.
However, I recommend that you set up the Login LockDown plugin instead of any.htaccess controls. From being permitted after three failed login attempts from a specific IP address for one hour, login requests will stop. You may still access your admin panel whilst away from your workplace, and yet you have protection against hackers, if you do that.