You have all heard about the recent rise brute force attacks against WordPress, if you have not Sucuri has been chronicling it for you. brute force attack is program trying to login to your site with username and password combinations. The easiest way to defeat these attempts is to use password pass-phrase... We'll keep protecting your WordPress sites from the various and nefarious denizens of the interwebs as best as we can, and you defeating all the work we trying to do for you.. easy to 3 or 4 word pass-phrase is WAY harder to krack guess then mYp@sw0®d.. Remove the default 'admin account.. I work on the interwebs and am CEO and co-founder of Pagely the Managed WordPress Hosting company. I use SSL for my wp-admin and logging, and I found that not all plugins work over SSL, so that's one thing to be careful of.. choosing password and making certain that you have most version of WordPress is protection. The botnet is in literal sense guessing account details, if you have something that is not guessable you will be safe..
Read more