Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold" Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
The secure your wordpress website Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed via an FTP client or within the administrative page from the hosting company.
Use strong passwords - Do what you can to use a strong password, alpha-numeric. Easy to remember passwords are also easy to guess!
I don't think there is a person out there that after learning how much of a problem WordPress hacking is that it's a fantastic idea to boost the security of their blogs. However, something I've noticed look at this web-site through the years is that when it comes to securing their blogs, bloggers seem to be stuck in this state that is reactive.
It's really sexy to fan the flames of fear. That is what journalists and bloggers and politicians and public figures do. It's great for readership and it brings money. Balderdash.
Software: If you've installed free scripts search Google for'wordpress security'. You'll get many tips on the best way best to make your WP blog secure.