The secure your wordpress site Codex has an outline of what permissions are okay. Directory and file permissions can be changed either through an FTP client or within the page from other the web host.
Strong passwords - Do your best to use a strong password, alpha-numeric. Easy to remember passwords are easy to guess!
You must create a user, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Enter all of the information you will need to enter.
Now we're useful link getting into things specific to WordPress. Whenever you install WordPress, you need to edit the file config-sample.php and rename it to config.php. You want to install the database information there.
Free software: If you have installed scripts search Google for'wordpress over at this website security'. You'll get many tips.