WordPress security is a massive problem, because of WordPress being such a popular blogging platform it is used by millions of sites around the world. If someone is able to get access to your Admin area then they will be able to do anything on your site including deleting posts, changing passwords or shutting down your entire site.
It's always essential that you do as much as you can to tighten up security to your admin area.
Here is example of using htaccess which will block access to your admin area by anyone which is not using a certain IP address.
Create a new htaccess file and place it at the top level of your wp-admin folder.
order deny,allow allow from MY IP ADDRESS (replace with your IP address)
Please note that if you have a dynamic IP address then you will have to change this file each time you want to access the admin area.