The secure your wordpress website Codex has an outline of what permissions are okay. Directory and file permissions can be changed through an FTP client or within the page from your hosting company.
Protect your login credentials - Don't keep your login credentials where a hacker might locate them. Store them offsite, and even offline. Roboform is for protecting them very good , also. Food for thought!
Keep your WordPress Installation up to date - One of the simplest and most valuable tasks you can do yourself is to ensure that your WordPress installation is updated. WordPress gives a notice on your dashboard to you, so there is really no reason.
Make a note of your password for the next site link time you sign in! I suggest the paid or free version of the protected software *Roboform* to remember your passwords.
Bear in mind the safety of your sites depend on how you handle them. Make sure that you follow these strategies that are basic to avoid exploits and hacks on websites and your blogs.