Installing the how to fix hacked wordpress Scan plugin will check most of this for you, and alert you to anything that you may have missed. Additionally, it will inform you that a user named"admin" exists. Needless to say, that is your administrative user name. If you desire, you can follow a link and find directions for changing that title. I think that a password is enough security that is good, and because I followed those steps, there have been no successful attacks on the blogs that I run.
If you're one of the ones that are proactive, I published here might find it somewhat more difficult to crack your password. But if you're among those responsive ones, I might just get you.
This is quite useful plugin, protecting you find out against brute-force password-crack attacks. It keeps track of the IP address of every login attempt. You can configure the plugin find more to disable login attempts for a selection of IP addresses when a certain number of attempts is reached.
Install the WordPress Firewall Plugin. This plugin investigates web requests with simple WordPress-specific heuristics to identify and prevent most obvious attacks.
Of course you can set up plugins to make your store more user-friendly like automated plugin or share buttons. That's all. Your shop is now up and running!