My sites are getting hacked regularly even though my sites are currently up to date and only using the most to update popular plugins
I think there are some easy modifications that might reduce hacking.
1) the admin users always defaults to "admin". On the installation, we should have an option to choose our own username.
2) the table_prefix is defaulted to "wp_"; Maybe we can leave the default as "wp_" but on the installation, it should ask us if we want to change the table prefix.