Installing the fix wordpress malware removal Scan plugin will check all this for you, and alert you that you may have missed. Additionally, it will inform you that a user named"admin" exists. That is the administrative user name. You can follow a link and find directions if you wish. I personally think that a password is good security, and there have been no attacks on the sites that I run, since I followed those steps.
I might find it a little harder to crack your password if you're one i loved this of the proactive ones. But if you're among those ones, I might get you.
Exploit Scanner goes through the files on your site database, comment and place tables seeking anything suspicious. It notifies you for plugin names that are odd. It does not remove anything, it warns you.
Now we are getting into things. You must rename it to config.php and modify the file config-sample.php, when you install WordPress. You need to set up the database facts there.
But realize that security is. Don't only be the type that is reactive, consider steps to begin today, you can look here protecting yourself. Don't let Joe the Hacker make your life miserable and turn everything in creating come crashing down in a matter of moments that you've worked so hard.