Since scare tactics seem to be what drives some people to take repair hacked wordpress site a little more seriously, or at the very least start thinking about the problem, let me shoot a couple of scare tactics your way.
Strong passwords - Do your best to use a password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
Before you can delete the default admin account, you must create a user with administrator rights. To do this go to your WordPress Dashboard and click on User -> Create New User. his explanation Then enter all of the information you will need to enter.
Now it's time to register for a Facebook accounts that is new and use this person's name and identity to present as your friend. After I get it all set up, I'll be emailing you posing as your friend and asking you to be friends with me on Facebook (or Twitter, or whichever societal site).
I prefer to use a WordPress plugin to get the work done. Make sure the plugin you choose is in a position to do select copies, has restore functionality, and can clone. Be sure that it is often updated to keep pace with all versions of WordPress. There's absolutely no use in not functioning, and backing your data up to a plugin that's out of date.