Hi acrobate67 have you spoken to your Host in regards to you being hacked? Did you recover your site from a clean backup? Are you running the latest version of WordPress, plugins and Theme?
Did you sign up to use the Malware Scan options in the plugin?
Regards
I reinstalled from a fresh version downloaded form worpress.org (latest version). So there is no way I could have left any infected files. All plugins and themes are up to date. I did not sign for the Malware Scan.
I am just wondering if there is a way to identify the weak point. Every precaution has been taken but I am still getting hacked.
Thanks
If you still being hacked then it might have to do with your Server, as per my request above. Have you being in contact with your Host?
This security plugin does a great job in securing and protecting your website or blog. However you still need to be vigilant with the server settings, plugins and theme. If after you do a complete installation as you mentioned above you are still being hacked then there is some other issue that you need to investigate.
Let me know if what your Host says.
Regards
Another way attackers can steal login credentials of your web host system is via your infected computer. eg, a hacker can install a script to harvest FTP passwords from programs such as filezilla and then send those credentials to themselves.
Since your computer is a tool which you regularly use to access your websites, keeping it secure and protected and scanning regularly is something you should do by habit.
And of course there are lots of free FTP password cracker apps available online. If you do not have a secure FTP password then your FTP password can be cracked in seconds.
I completely agree with @aitpro, FTP password needs to be really really strong otherwise it will get cracked.