You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
By default, the newest version of WordPress is pretty darn secure. Anything which may have been added to any fix hacked wordpress site plugins has been considered by the development team of WordPress . Before, WordPress did have holes but most of them are stuffed up.
I might find it somewhat harder to crack your password if you're one of the ones that are proactive. But if you're one of the ones that are reactive, I might just get you.
One thing you can take is to delete the default administrator account. This is important because if you don't do it, a user name which they could attempt to crack is already known by malicious user.
Along with adding a secret key to your wp-config.php file, also think about changing helpful hints your user password into something that's strong and unique. WordPress will tell you the strength of your password, but include amounts, use upper and lowercase letters, and a great idea is to avoid common phrases. It's also a good idea to change your password regularly - say once.
Of course it's possible to install plugins to make your store like share buttons or automatic backup plugin. That's all. Your shop is up and running!