Your WordPress login page can be a very simple entrance point for most skilled hackers. By default the login URL to a default install of WordPress is YourDomain.com/wp-login.php. With this information, hackers can easily try their skill on getting admin access to your site. One very simple way to stop this is to move your login page so they will not have any idea what the URL is. Follow the steps below to make this happen.
- Log into your site and visit Plugins > Add New
- Search for Move Login
- Install and activate
- Visit settings page at Settings > Move Login
- Set as desired
See screenshot of settings page below.