fix hacked wordpress database will inform you that there's not any htaccess inside the directory. You can place a.htaccess record in to this dig this directory if you would like, and you can use it to handle this wp-admin directory by Ip Address address or address range. Details of how you can do that are plentiful around the net.
Use strong passwords - Do your best to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are also easy to guess!
Recently, the blog of Reuters was murdered by an unknown hacker and published a fake news article. Due to what the hacker did since Reuters is a news website, their reputation is already ruined. Something similar may happen to you in the event you don't pay attention on the safety of your WordPress blog.
Note that you should try this last step for new installations. You need to change all the table names inside the database if you might like to do it for existing installations.
However, I advise that you set up the Login LockDown plugin rather than any.htaccess controls. Login requests will be stopped by that from being allowed from a certain IP-ADDRESS for an hour or so after three unsuccessful login attempts. It is still possible to access your mobile while from your workplace, and yet you still have great protection against hackers, if you accomplish that.