Installing the secure your wordpress website Scan plugin will check most of this for you, and alert you to anything that you might have missed. It will also tell you that a user named"admin" exists. That is the administrative user name. If you wish you can follow a link and find instructions for changing that name. Personally, I think that a password is security that is good, and there have been no attacks on the numerous blogs that I run since I followed those steps.
This is great news because it means that there is a strong community of users and developers who could further enhance the platform. Whenever there is a big group there will always be people who will attempt to take them down.
You first need to create a new user, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Then enter all of the information you need to enter.
In addition to adding a secret key to your wp-config.php file, also think you could try these out about altering your user password to something that is strong and unique. WordPress will let you know the strength of your password, but include amounts, use upper and lowercase letters, and a good idea is to avoid phrases. It's why not try this out also a good idea to change your password frequently - say once every six months.
These are only a few of the things I do to secure my blogs. Thing is that they don't require much time to perform. These are also simple options, which can be carried out.