Tons of articles on the subject of security in WordPress that you can find out there.
The best tips I can give:
1. Don’t use “admin” as your username
2. Don’t use “wp_” as your database prefix.
3. Use a secure password
4. Keep WordPress, plugins and themes up to date
5. Use a security plugin:
Lots of options 🙂