There are so many ways to tighten up the security of your WordPress site:
Strong passwords
2-Step Authentication
Keeping WordPress core and plug-ins up-to-date
Running security plug-in like Wordfence
Regularly checking for malware
. . . and the list goes on and on.
Let’s start with the easiest two — strong passwords and 2-step authentication.
In the User section of your website, you can update your password and set up 2-step authentication:
Log into you WordPress site
Click on Users
Click on your Profile
Scroll down to Account Management
Click New Password
Create a new password
Scroll to down and click Update Profile
If you have Wordfence installed, you can turn on 2FA (Two Factor Authentication), located just below the Password section. You will need your phone and with an Authentication app.
REMEMBER to click Update Profile so the changes take affect.