WordPress is the platform that is attacked more frequently than any other type of site, if only for its popularity – approximately 30% of all sites are powered by WordPress.
With this in mind you should be using strong passwords to login to your WordPress backend, so in other words when you browse to www.example.com/wp-admin. If you’re using an easy-to-guess username like admin (default) or a word found in the dictionary then the username will be easily guessed by automated systems that trawl the web looking for such vulnerable sites.
To ensure your site(s) do not succumb to one of the attack methods such as the dictionary attack where bots try to crack your credentials using brute force, use a password generator like the one found at www.passwordsgenerator.net. The default settings are to create a password with 16 characters which will be very strong indeed and extremely difficult to crack. Obviously, to remember a password like this which does not mean anything would be ridiculous so you also need a means to store these away safely and securely. This is where the password manager comes into play and there are many available such as LastPass which has a free version or if you prefer you can record your login IDs and passwords in an Excel Spreadsheet but make sure it is password-protected also.
Happy password generating!