Use strong passwords, enable two-factor authentication (2FA), install security plugins, and keep WordPress updated.