Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold" Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
Installing the fix wordpress malware removal Scan plugin alert you to anything that you might have missed, and will check most of this for you. Additionally, it will tell you that a user named"admin" exists. Needless to say, that is your user name. If you desire you can follow a link and find instructions for changing that name. Personally, I think that there is a password good protection, and there have been no successful attacks on the sites that I run, because I followed those steps.
No software system is immune to bugs and vulnerabilities. Security holes will be discovered and bad guys will do their best to my company exploit them. Keeping your software up-to-date is a good way once security holes are found because their products will be fixed by software sellers that are reliable.
You should also set the"Anyone Can Register" in Settings/General to away, and you ought to have some sort of spam plugin. Akismet is the one I use, the old standby, but there are many of them these days.
Note that you should only try this last step for new installations. If you would like to do it you'll also need to change all the table names inside the database.
Implementing all of the above will probably take less than an hour to complete, while creating your WordPress site more resistant to intrusions. Sites were cracked this past year, largely due to preventable safety gaps. Have yourself prepared and you're likely to be on the safe side.