The fix hacked wordpress site Codex has an outline of what permissions are acceptable. File and directory permissions can be changed via an FTP client or within the administrative page from the hosting company.
Strong passwords - Do your best to use try this site a strong password, alpha-numeric. Easy to remember passwords are also easy to guess!
Before you can delete the default admin account, you need to create a user with administrator rights. To do this go to your WordPress Dashboard and click on User -> Create New User. Then enter all of the information you need to enter.
Take note of your password for the next time you sign in! I suggest the free or paid version of the software *Roboform* to remember your passwords.
The plugin should be updated play nice with your other plugins to stay current with the latest WordPress release and have WordPress cloning and restore capabilities. The ability to clone your site (in addition to regular backups) can be useful if you ever want to do an offline site redesign, among other things.