A half and last year taught us that WordPress security should not be taken lightly by any means. Between 15% and 20% of the world's high traffic sites are powered by WordPress. The fact that it is an Open Source platform and everyone has access to its Source Code makes it a prey for hackers.
secure your wordpress site will also tell you that there is not any htaccess in the wp-admin/ directory. You may put a.htaccess file if you desire, and you can use it to control access from IP address to the wp-admin directory or address range. Details of how to do that are available on the internet.
Essentially, it all will start with the fundamentals. Try to use passwords. Use spaces, numbers, special characters, and letters and combine them to create a password that is special. You could use usernames that aren't obvious.
First in line is creating a smarter password for your check my reference account. Passwords must be made with special characters and numbers. You may combine them and create small plus shifted letters. Smarter passwords can be your gateway to zero hackers. Make difficult passwords that you can think of.
Upgrade if you're not running the latest version of WordPress. Leaving your website on an old version is like maintaining your door unlocked when you leave for vacation.
These are only a few of the things I do to protect my blogs. Great thing is they don't need much time to do. These are also easy solutions, which can be carried out easily.