My first step isn't one you have to take but it helped me. I had a fantastic old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And I did before I started my site, what I should have done. And here is where I want you to start. Learn hacked. The thing about how to fix hacked wordpress site and why so many of us recommend it is because it is so easy to learn. That can also be a detriment to the health of our sites. We have to learn how to put in a safety fence around our website.
Use strong passwords - Do what you can to use a password, alpha-numeric. Easy to remember passwords are also easy to guess!
Before you can delete the default admin account, you need to create a user with administrator rights. To do this go to your WordPress Dashboard and click on User -> Create New User. Then enter all the information you will need to enter.
It's really sexy to fan the flames of fear. That's what bloggers and journalists and politicians and public figures do. It's terrific for readership and it brings money. Balderdash.
There are always going to be risks being online (or even just being alive!) And it's easy to get caught up in the panic. As soon as we get caught up in the click this site fear, we often put the breaks on. This isn't a fantastic response. Take some common sense precautions, then forge ahead. It is going to have to be addressed then, if something bad does happen and of quaking in your boots 23, no amount will have helped. If nothing does, all is good and you haven't made yourself ill with worry.