There's a portion of config-sample.php that is headed'Authentication Unique Keys.' You will find. There is a hyperlink fix hacked wordpress inside that part of code.You must enter that link in your browser, copy the contents which you return, and change. That makes it harder for attackers to create a'logged-in' dessert for your site.
Safeguard your login credentials have a peek here - Don't keep your login credentials where a hacker could find them. Store them off, as well as offline. Roboform is very good for protecting them. Food for thought!
What is the best solution you should pick? Out of all the options you can make, which one should you choose and which one is right for you specifically right now?
Install the WordPress Firewall Plugin. This plugin investigates web requests with WordPress-specific heuristics that are easy to recognize and stop attacks.
Do your homework and some searching, but if you're pressed for time and want to get this done once and for all, try out the WordPress security plugin that I use. It is a relief to know that my website (and business!) are secure.