There is a portion of config-sample.php that's led'Authentication Unique Keys.' Four explanations that appear inside the block will be found by you. A hyperlink is fix wordpress malware inside that section of code.You copy the contents that you return, must enter that link into your browser, and change the keys you have with the specific, pseudo-random keys given by the website. That makes it harder for attackers to create a'logged-in' dessert for your site.
The one I recommend, and the approach, is to use one of the password generation and storage plugins available for your browser. Many people like RoboForm, but I believe after a trial period, you have to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate secure passwords for you.
While it's an odd term, it represents a task: making a WordPress backup of your website to work on offline, or in case something should go amiss. We are not simply being obsessive-compulsive here: servers go down every day, despite their claims of 99.9% uptime, and if you've had this happen to you, you understand the fear is useful site it can cause.
You can extend the plugin features with premium plugins such as: Amazon S3 plugin, Members only plugin, DropShop etc.. I think this plugin is a fantastic option and you can use it for free.
However, I recommend that you install the Login LockDown plugin as opposed to any.htaccess controls. Login requests will be ceased by that from being allowed from a for an hour or so after three unsuccessful login attempts. You can access your cell while from your workplace, and yet you still have great protection against hackers, if you accomplish this.