As of now, WordPress is currently powering 48 of the blogs online. Apart from that, WP is powering 19 percent of the net as a whole. It means that a lot of people trust WordPress when they want instant creation of websites and blogs.
Since scare tactics seem to be at least start thinking about the problem, or what drives some people to take fix malware problems free a little more seriously, let me shoot a couple of scare tactics your way.
This is fantastic news because it means that there's a strong community of developers and users that can further improve the platform. However there's a big group of people attempting to achieve something, there will always be people who will attempt to take down them.
This is quite handy plugin, protecting you against brute-force password-crack strikes. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts for a selection of IP addresses when a certain number of failed attempts is reached.
In addition to adding a secret key to your wp-config.php file, also consider changing your user password to something that is strong and unique. WordPress will tell you the strength of your password, but a good idea is to avoid phrases, use letters, and include amounts. It's also a good idea to change your password regularly - say once every six months.
However, I advise that you set up the Login LockDown plugin in place of any.htaccess controls. That will stop login requests from being allowed from a certain IP address for one hour after three unsuccessful login attempts. If you do so, you can still get into your admin panel whilst away from your find out workplace, and yet you have great protection against hackers.