The fix wordpress malware virus Codex has an outline of what permissions are okay. File and directory permissions can be changed via an FTP client or within the page from the hosting company.
It all will start with the basics. Try to use complex passwords. Use spaces, numbers, special characters, find more information and letters and combine them to make a password that is special. You can use usernames that aren't obvious.
A snap to move - If, for some reason, you want to relocate your website, visit the website such as a domain name change or a new web host, getting your files at your fingertips can save you oodles of time, hassle, and the demand for tech help.
Another step to take to make WordPress more secure is to upgrade WordPress. The go main reason for this is that with every new update there also come fixes for security holes that are older which makes it essential to update early.
Using a plugin for WordPress security only makes sense. Backups will need to be performed on a regular basis. Do not become a victim of not being proactive about your 16, because!