From Shaun Quarton at Torque Magazine

• Backup your site
• Keep everything updated (Wordpress plus themes and plugins — even the ones that aren’t in use.)
• Hide your WordPress version
• Choose secure passwords
• Use secure usernames too (do not use “Admin”)
• Move you login page
• Hide your username (your login name)
• Limit login attempts
• Use a secure host
• Disable the theme and plugin editors
• Add and configure one or more security plugins

These are all great tips.  Go check out Shaun’s post.  I’m always happy to answer questions as well.