Additionally, it is important to change admin username and your password if you are helped by someone and needs admin username and your password to login to do the work. Admin username and your password changes, after all of the work is complete. Someone in their company might not be if the man is trustworthy. Better to be safe than sorry!
Let me shoot a scare tactics your way since scare tactics appear to be what drives some people to take rename your login url to secure your wordpress website a bit more seriously, or at the very least start considering the issue.
Hackers do not have the power once you got these lined up for your security to come to your WordPress blog. You can have a WordPress account which provides you big bucks from affiliate marketing.
Recently, an unknown hacker murdered the blog of Reuters and published a news article. Since Reuters is a popular news site, their reputation is already destroyed due why not find out more to what the hacker did. If over at this website you do not pay attention on the security of your WordPress 20, the same thing may happen to you.
Can you see that folder, what if you visit WP-Content/plugins? If so, upload this blank Index.html file into that folder as well so people can't view what plugins you have. Because if your version of WordPress is up to date, if you're using an old plugin or a plugin using a security hole, someone can use this to get access.
Do your homework and some searching, but if you are pressed for time and need to get this done once and for all, try the WordPress security plugin that I use. It is a relief to know that my site (and company!) are secure.