.htaccessfile is and be comfortable editing one.
You can add an extra layer of security by requiring an additional password before users are allowed to access your wp-admin folder. This can prevent attacks that attempt to bypass the WordPress admin login.
Requiring an additional password shouldn't interfere with plugins, themes, and stock WordPress installations.
<Files "admin-ajax.php"> Order allow,deny Allow from all Satisfy any </Files>
Now, when you visit your WordPress admin login, you are prompted to log in.