I'm a noob when it comes to blogging... so to protect myself in the future, I asked one of my online friends to see if he could hack into my wordpress blog. He did and he said he did it very easily. He told me that since I used the default configuration naming conventions (database name and prefix), he was able to do some "SQL Injection". The suggestion to me was to make my table prefixes a different name that's impossible to randomly guess (instead of wp, make it 2j23kj9 or something random). Since I'm only in the configuration stage of my blog, a complete reinstall didn't hurt so bad.

I'm sure most of you know this, but I figured I would share it anyway in case someone else was like me and didn't know.