As soon as your WP site is noticed, people will attempt to brute force your password to get admin rights on it.
How to stop the kiddies:
#1 Don't have a user called 'Admin'. It is by far the most common user name used in brute force accounts. I am almost tempted to suggest that having it should be banned by WP.
#2 Install and activate this plugin. It really should be built into the main WP release. No website should allow an endless number of failed login attempts from the same IP address - it's just asking to be hacked.
