if you use wordpress you should heard that new botnet was attaking most wordpress sites and only with 99 bots it could get in to your wordpress.
My first suggestion is to change your password on on a schedule(monthly 3 months or …)
but the other thing is it easy to brutforce any thing that you already know the username or password but it seam that some web hostings don’t let you to change the admin username so here is a way around to do that.
- find the mysql properties.
- go to the phpmyadmin place.
- select your wordpress database.
- got to the wp_users table
- click on browse tab
- change the user_login from admin to any username that you want to type for login
if on the wordpress dashboard settings you chose to show the name of the one who post it will not show your new username because it will show the user_nicename or display_name from the mysql tables.