Use a strong password
A common mistake done by most site owners is using a weak password for the admin user account. This makes easier for hackers to find your password. Use a strong password mixed with capital letters, special characters and numbers. Password strength meter in latest WordPress release will help you to measure the strength of your password.
Limit login attempts
One way of hacking is to use an automated tool to do a dictionary attack. WordPress do not have any limit on login retry attempts. Therefore a hacker can easily try thousands of password combinations until get the correct password.
You can solve this issue by limiting number of attempts that can try to log in to an account. There are many plugins that can lock an account after a number of failed attempts. User Locker by Daniel Frużyńskiis a plugin that can be used for this.