I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
There is a part of config-sample.php that is headed'Authentication Unique Keys.' You will find. There is a hyperlink secure your wordpress site inside that part of code.You have to enter that link into your browser, copy the contents that you return, and change the keys you have with the pseudo-random keys given by the website. That makes it harder for attackers to generate a'logged-in' dessert for your website.
The more powerful approach, and the one I recommend, is to use one of the creation and directory storage plugins available for your browser. RoboForm is liked by people, but I think after a free trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those of you who use Firefox or Internet Explorer. That will generate secure passwords for you.
Keep control of your assets - Nothing is worse than having your livelihood in the hands of someone else. Why take chances with something as important as your website?
Now it's time to sign up for a new Facebook account and use this individual's name and identity to pose as your friend. Once I get it all set up, I'll be telling you posing as your friend and asking you to be friends with me on Facebook (or Twitter, or whichever social site).
Using a plugin for WordPress security only makes sense. Backups will need to be performed on a regular basis. Do not become a victim of not being proactive as Recommended Reading a result!