The best way to prevent hackers from taking over your website with malware is to secure your hosting account/FTP password. We recommend three strategies to ensure your password doesn't get compromised.
Hackers often try to access your hosting account by simply guessing your password by using applications that continually attempt to enter your user name and password. The less complicated your password, the easier hackers can guess it. Using a strong password makes this more difficult, and ultimately deters them from accessing your account.
See our article Create strong passwords for information about creating passwords, along with other best practices.
We also recommend changing your password often. While it might be inconvenient to remember a new password, it's well worth the extra effort to maintain your account's security.
Your computer might have malicious software installed, known as a key loggers, that records every key stroke you make — including your user names and passwords. Key loggers then send this data back to hackers, so that they can easily access your accounts.
Fortunately, there are many companies that make software to remove key loggers from your computer, as well as other malicious software. We recommend using your favorite search engine to find software that removes key loggers from your computer.
It might seem easier to use one password for everything — but it can create difficult situations for you later on if one of them gets compromised. Hackers then have access to every account of yours that uses that password. So, while compromising your password for a social media Website might not trouble you, if that password also provides access to your bank account, it's more worrisome.