Here’s one way to keep blog brute force attacks from happening: If you have your WordPress login ID name as “Admin” change it right now!
Did you go change it? Well, as soon as you get through reading this article, make sure you go and do it. Every moment of every day there are malicious “bots’ attacking your blog for vulnerabilities. Luckily for you there is a WordPress plugin you can download for FREE from the WordPress.org site named (no surprise) Limit Login Attempts that I can highly recommend. In the plugin settings I have it set so I get an email whenever there are repeated login attempts and it locks the bots out. Of course, they keep trying, but then, I don’t have my login name as “Admin” either. I do have a very strong password as well and change it now and then.
This plugin works very well and is easy to set up as well as fine tune for your blog protection. I highly recommend it.
If you would like more information about the plugin before deciding whether to download and install it the home page for Limit Login Attempts can be found either as a link on the WordPress.org site as I said above, or using my link here.