rename your login url to secure your wordpress website Watch out form entries. You may useRegexp to process the information . You can even define preloaded variables as form data in the kind of checkboxes, radiobuttons etc..
The one I personally recommend, and the approach, is to use one of the password generation and storage plugins available on your browser. RoboForm is liked by people, but I believe after a trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate passwords for you.
What is the best solution you should choose? Out of all the possible choices you can make, which one should you choose and which one is ideal for you right now?
Can you view that folder, Imagine if you go to WP-Content/plugins? If so, upload that blank Index.html file inside that folder as well so people can't see what plugins you have. Someone can use this to get access because even if your existing version of WordPress is up to date, if you're using a plugin or an official website old plugin with a security hole.
Bear in mind the security of your blogs depend on how you handle them. Make certain that you follow these basic strategies to avoid hacks and exploits on your own blogs and sites.