Cloning your site is another level in how to fix hacked wordpress site that may be very useful. Cloning simply means that you have backed up your website to a totally different place, (offline, as in a folder, in order not to have SEO issues ) where you can get it at a moment's notice if necessary.
The more powerful approach, and the one I recommend, is to use one of the password creation and storage plugins available for your browser. I think after a trial period, you need to pay for it, although people like RoboForm. I use the free version of Lastpass, and I recommend it for those of you who use Firefox or Internet Explorer. That will generate passwords for you; then you use one master password to log in.
Exclude pages - use this link This plugin provides a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page won't appear in any listings of pages have a peek at this site (which contains, and is ordinarily limited to, your webpage navigation menus).
Make a note of your new password! I suggest the free or paid version of the secure software *Roboform* to remember your passwords.
There is. People always content know where they can login and additionally they could just visit with your login form and try a different combination of passwords and user accounts out. In order to prevent this from happening you need to install Login Lockdown. It is a plugin that only allows users to try and login with a password three times. Following that the IP address will be banned from the server for a certain amount of time.