Turnip has a great post about protecting your WordPress blog and the entire installation, so to speak. It’s a excellent addition to a post by Matt Cutts I read earlier this year giving 3 tips on protecting your WordPress installation.
To add something to this, what I personally also use is a WordPress plugin called Login LockDown by Michael VanDeMar. It may be similar to creating a particular .htaccess file discussed on the above blogs but may be easier to create using this plugin.
Besides this, I strongly encourage everyone to upgrade to the newest WordPress version whenever available (currently v2.5) so you close old security leaks and ban attackers.