The fix hacked wordpress site Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed via an FTP client or within the administrative page from your web host.
I protect an access to important files on the blog's server by putting an index.html file in the particular directory, that hides the files out of public view.
So what is the solution you should choose? Out of all the possible choices you can make, which one should you choose and which one is right for you right?
As I (our fictitious Joe the Hacker) understand, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two blog logins, FTP, internet hosting, etc. accounts that all include logins and passwords you need to remember.
Oh . And incidentally, I talked about plugins. Make sure it's a secure one, when you get a new plugin. Don't install any plugin because the owner is saying that plugin can help you do that or this. Use maybe, or a test blog to look at the top article plugin get a software engineer to analyze it. This way you'll know it is not a threat for your business or you.