Cloning your website is another degree in fix wordpress malware protection which can be useful. Cloning simply means that you have backed up your site to a totally different place, (offline, as in a folder, in order to not have SEO problems) where you can access it at a moment's notice if the need arises.
It will start with the basics. Attempt using passwords. Use numbers, letters, special characters, and spaces and combine them to create a password that is unique. You could use usernames that are not obvious.
What is? Out of all of the choices you can make, which one should you choose and which one is ideal for you specifically at the moment?
Along with adding a secret key to your wp-config.php document, also think about altering your user password to something that is strong and unique. WordPress will tell you the strength of your password, but a great tip is to avoid phrases, use letters, and include amounts. It's also a good idea to change your password find frequently - say once every six months.
Implementing all the above will a fantastic read take less than an hour to complete, while creating your WordPress site more immune to intrusions. Over 1 million WordPress sites were last year, mainly due to easily preventable security gaps. Have yourself prepared and you're likely to be on the safe side.