Once you have your site installed and running and you are able to login, there are some additional configuration steps that you should follow for best practices and security.

1. Configure email and make sure it works so that if you forget your password and get locked out you can recover it.
2. Make sure you only made the /App_Data and /Data folders writable, the rest of the folders should not be writable. Ideally the /Data folder should also be marked as not executable.
3. Generate a custom machine key, this is very very important for security, and you should do this before changing to encrypted passwords.
4. Of course change the admin login to your own email address and password.