The clean hacked wordpress site Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either via an FTP client or within the administrative page from your hosting company.
The stronger approach, and the one I recommend, is to use one of the password creation and storage plugins available for your browser. RoboForm is liked by people, but I believe after a trial period, you have to pay for it. I use the free version use this link of Lastpass, and I recommend it for those of you who use Firefox or Internet Explorer. pop over to these guys That will generate passwords for you.
A snap to move - If, for some reason, you need to relocate your website, such as a domain name change or a new hosting company, getting your files at your fingertips can save you oodles of time, my explanation hassle, and the need for tech help.
Can you see that folder, Imagine if you go to WP-Content/plugins? If so, upload this blank Index.html file inside that folder as well so people can not see what plugins you might have. Someone can use this to get access because if your version of WordPress is current, if you are using a plugin or an old plugin with a security hole.
Free software: If you've installed scripts such as Wordpress, search Google for'wordpress security'. You will get many tips on how best to make your WP blog secure.