Simple WordPress Security Measures?


With the recent Twitter hacking fiasco, web designer Chris Herbert (@ChrisHerbert) provided us with some helpful tips for securing WordPress.

One of the tips concerns security measures. These tips come from the head of Google's Webspam team, Matt Cutts. Matt talks about securing your wp-admin directory, creating a wp-content/plugins/index.html file, and subscribing to the WordPress development blog.

The one tip I have for securing your WordPress instance is:

Don't use the admin account

Using the default admin account normally leaves you open to dictionary attacks, depending on your password. Instead, create a very strong password for the admin account and create a separate administrator account of your own. See UX Booth's How To Pick Passwords That Protect Your Online Experience. You can also downgrade the authority level of the admin account if you so choose.

I would also recommend regularly using an author or editor account if you don't need any of the administrative power.
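The tip above as a script, added here as an example and not taken from the original post. It assumes it runs inside a loaded WordPress (for instance with WP-CLI's `wp eval-file`), and the new login and e-mail address are placeholders to change.

```php
<?php
// Added example: run inside WordPress, e.g. `wp eval-file harden-admin.php`.
// Placeholder values (assumptions, not from the post); change before use.
$new_login = 'site-owner-example';
$new_email = 'owner@example.com';

if ( ! defined( 'ABSPATH' ) ) {
    exit( "Run this inside WordPress (for example with WP-CLI).\n" );
}

$default = get_user_by( 'login', 'admin' );
if ( ! $default ) {
    exit( "No account named 'admin' exists; nothing to change.\n" );
}

// 1. Create the replacement administrator first, so the site is never
//    left without an administrator-level user.
$replacement = get_user_by( 'login', $new_login );
if ( ! $replacement ) {
    $password = wp_generate_password( 32, true, true );
    $new_id   = wp_insert_user( array(
        'user_login' => $new_login,
        'user_email' => $new_email,
        'user_pass'  => $password,
        'role'       => 'administrator',
    ) );
    if ( is_wp_error( $new_id ) ) {
        exit( 'Could not create account: ' . $new_id->get_error_message() . "\n" );
    }
    // Shown once; store it in a password manager.
    echo "Created {$new_login} with password: {$password}\n";
} elseif ( ! in_array( 'administrator', (array) $replacement->roles, true ) ) {
    exit( "{$new_login} exists but is not an administrator; stopping.\n" );
}

// 2. Give 'admin' a long random password that nobody needs to remember.
wp_set_password( wp_generate_password( 64, true, true ), $default->ID );

// 3. Downgrade 'admin' so a guessed password no longer yields admin rights.
$default->set_role( 'subscriber' );
echo "'admin' now has a random password and the subscriber role.\n";
```

Posts already written by the admin account keep that author; only its password and role change.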

Got any WordPress security tips? Please share them in the comments.