We know that site security very important as for developer and client prospective. So these are few basic idea where you can save your site
- Never use login credentials simple user name is admin. Select username different which does not match your site name.
- Always use Password very strong (Combination of capital letter, Small letter, digit, Special character).
- You can also generate using password link.
- Possible to change Username and Password every month.
- Use login credentials limits using this plugin wp-login limit.
- Use itheme Security plugin hide default login url make different url as you want.
- Restrict WordPress Admin Access by IP visit link to know more