Cloning, as it applies to fix wordpress malware virus, is the act of creating an exact replica of your WordPress install. What's good is that in only a few clicks, you can do it with the correct software. There are a lot of reasons why you may want to do this. Here are just a few.
The more powerful approach, and the one I recommend, is to use one of the password generation and storage plugins available on your browser. I think after a trial period, you have to pay for it, although RoboForm is liked by people. I use the free version of Lastpass, and I recommend it look at this site for those of you who use Internet Explorer or Firefox. That will generate passwords for you; you use one master password to log in.
Move your wp-config.php file one directory up from the WordPress root. WordPress will search for it there if it cannot be found in the main directory. Also, nobody will be able to read the document unless they've SSH or FTP access.
So what's the best way? Out of all of the choices that are click reference available right now, which one is appropriate for you personally and which route should you choose?
There is. People know where they can login and additionally they could visit with your login form and try a different combination of user accounts and passwords out. In order to prevent this from happening you want to set up Login Lockdown. It's a plugin that lets users try and login with a wrong password three times. After that the IP address will be banned from the server for a specific timeframe.