The fix malware problems free Codex has an outline of what permissions are okay. File and directory permissions can be changed either via an FTP client or within the page from the web host.
Strong passwords - Do what you can to use a password, alpha-numeric. Easy to remember passwords are easy to guess!
1 thing you can take is to delete the default administrator account. This is important because if you do not do it, malicious view it user know a user name which they could try to crack.
WordPress is one of the most popular platforms for sites and websites. While WordPress is pretty secure out of the box, there are always going to be my site individuals who want to create trouble by finding a way to crack into sites or accounts to cause harm or inject hidden spammy links. That is why it's important to make sure that your WordPress installation is as secure as possible.
But realize that online security is something you must start thinking about. Do not only be the type that is reactive, consider steps to start protecting yourself today. Don't let Joe the Hacker make your life miserable why not try here and turn all in creating come crashing down in a matter of seconds that you've worked hard.