Use indicators in user names: For PutHerForard phf_dhdhdhw_jdj1928
Never use the admin username. This is too easy for attackers to guess.
Create an admin user, and set it to an Editor role. Then never use it.
Use somehting like this for your admin name:
Unless, you are running a site where users can register. Then register than admin name (Check spammers and word fence).
Keep this all in a Google Doc
Never use wp_ as the table prefix. This is too easy to guess
Keep it short though.
Try something like
Delete Hello Dolly
WP Updates Notifier
UpdraftPlus Backup and Restoration