I have had two WordPress blogs. That was at a time when I was doing virtually no online marketing, and until I found time to deal with the situation (weeks later), these sites were penalized in the major search engines. They were not eliminated the ratings were reduced.
There's a portion of config-sample.php that's headed'Authentication Unique Keys.' Four explanations that appear inside the block will be found by you. There is a hyperlink fix hacked wordpress inside that part of code.You copy the contents that you return, must enter that link into your browser, and change the keys you have with the special, pseudo-random keys supplied by the website. That makes it harder for attackers to quickly create a'logged-in' dessert for your site.
The approach, and the one I recommend, is to use one of the password creation and storage plugins available on your browser. I believe after a free trial period, you need to pay for it, although RoboForm is liked by people. I use the free version of Lastpass, and I recommend it for those review of you who use Internet Explorer or Firefox. That will generate passwords for you; you then use one master password to log in.
For me it's a WordPress plugin. They're drop dead easy to set up, have all the functions you need for a job like this, and are relatively cheap, especially when compared to having to hire someone to have this done for you.
Install the WordPress Firewall Plugin. Prevent and this plugin investigates web requests to recognize attacks.
But realize that security is something you really need to start thinking about. Do not just be the reactive type, consider steps to begin today, protecting yourself. Do not let Joe the Hacker make your life miserable and turn all in creating come crashing down in a matter of seconds that you've worked hard.