Ultimately, clean hacked wordpress site will inform you that there's no htaccess inside the directory. You can put a.htaccess record into this directory if you want, and you can use it to handle the wp-admin directory from Ip Address address or address range. Details of how you can do this are plentiful around the net.
I protect an access to important files on the site's server by placing an index.html file in the particular directory, that hides the files out of public view.
You first need to create a new user, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Then enter all the information you need to enter.
Note that this step for new installations should try. You'll also have click over here to change of the table names within the my response database, if you might like to do it for installations.
However, I advise that you set up the Login LockDown plugin as opposed to any.htaccess controls. That will stops login requests from being permitted from a for an hour or so after three failed login attempts. You can access your admin cell while from your office, and yet you have good protection against hackers, if you accomplish that.