There's a portion of config-sample.php that is led'Authentication Unique Keys.' You will find. There's a hyperlink how to fix hacked wordpress site within that section of code.You must enter that link into your browser, copy the contents that you return, and change. That makes it harder for attackers to quickly generate a'logged-in' dessert for your site.
The one I personally recommend, and the approach, is to use one of the password generation and storage plugins available on your browser. RoboForm is liked by many people, but I think after a free trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those who use Internet Explorer or Firefox. That will generate secure passwords for you.
There's a section of config-sample.php that is headed"Authentication Unique Keys." There are. A hyperlink is inside that section of code. You need to enter that link in your browser, copy the contents that you return, and replace pop over to this site the keys you have with the unique, pseudo-random keys offered by the site. This makes it harder for attackers to automatically create a"logged-in" cookie for your website.
It is really sexy go to my blog to fan the flames of fear. That is what bloggers and journalists and politicians and public figures do. It's terrific for readership and it brings money into the war chests. Balderdash.
However, I advise that you install the Login LockDown plugin as opposed to any.htaccess controls. That will stops login requests from being allowed from a specific IP-ADDRESS for an hour or so after three failed login attempts. If you accomplish that, you can still access your admin mobile while from your office, and yet you still have protection against hackers.