Looks like someone inserted a password form on the server level. I suggest you get in touch with your hosting provider for support as well as read through this document:
https://codex.wordpress.org/FAQ_My_site_was_hacked
There’s also a forum tag specifically for cases of hacked sites:
https://wordpress.org/support/topic-tag/hacked/
Moderator
t-p
(@t-p)
Sucuri online site check was unable to properly scan your site: https://sitecheck.sucuri.net/results/www.homedoctorservices.sg
Try:
– deactivating ALL (yes all) plugins temporarily to see if this resolves the problem (plugin functions can interfere). If this works, re-activate them individually (one-by-one) to find the problematic plugin(s).
– manually resetting the plugins folder by FTP/ SFTP (no Dashboard access required). Sometimes, an apparently inactive plugin can still cause problems. Also remember to deactivate any plugins in the mu-plugins folder (if you have created such folder). The easiest way is to rename that folder to mu-plugins-old.
– switching to the unedited default Theme (Twenty Sixteen.) for a moment using the WP dashboard to rule out any theme-specific issue (theme functions can interfere like plugins). If you don’t have access to your admin area, use FTP/ SFTP , or your web-host’s cPanel or whatever file management application your host provides (no Dashboard access required). Navigate to /wp-content/themes/ and switch to the default theme by renaming your current theme’s folder by adding “-old” to the end of the folder name. Alternately, you can remove other themes except the default theme (Twenty Sixteen.). That will force your site to use it.
