@AndrwCris
I wish Wordpress would make these security recommendations as part of the first time installation. Here's my wish list for Wordpress on their first time setup screen:
1. When the admin user creates their username, the user is not allowed to type in "admin" and in fact the user is warned if they do and asked to change it to something else and given an explanation why it's good practice to not use "admin".
2. The admin user that is configured is assigned a random ID number in the database and every user after is setup accordingly.
3. A random table prefix is already setup in the text box and the user can change it to something else of their choice but not allowed to use wp_.
This would be easy for them to do, right?