Besides the graphics and text you're creating, you'll require a protection and backup option for your new website. how to fix hacked wordpress site is important, and if you don't protect and back up your website you could lose important data and information which may be very hard to restore. You don't need to need to start over from scratch after you have done all that work, so be sure you're secure.
The stronger approach, and the one I personally recommend, is to use one of the password creation and storage plugins available on your browser. I believe after a trial period, you have to pay for it, although many people like RoboForm. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate passwords for you.
Is to delete the default administrator account. This is critical because if you do not do it, malicious user know a user name which they could attempt to crack.
Now we are getting into matters specific to WordPress. Whenever you install WordPress, you have to edit the file config-sample.php and rename it to config.php. You want to install the database details there.
Do not use moved here wp_. That default is being eliminated by web hosting providers now but if yours doesn't, fix wp_ to anything else but that.