I just got an email (tip) from Laura Betterly today.
She advised everyone who has a WP installation to get this plugin. Of course, I have been using it on all my installs for many months and as pointed out by nearly everyone on this forum, it works without flaw.
I also agree that it should be part of the WP core but since it's not, it's doing just fine as a standalone plugin.
I highly recommend this plugin for anyone who wants to keep their WP installation safe and as Laura and other here have pointed out, stop using admin as a username.
Doing that in combination with this plugin will thwart 90% of attacks especially by humans.
If their mission is to gain access to your dashboard, they will find themselves in a bit of a box when the obvious admin username try fails.
If you leave the plugin as configured, they will only have 3 more 'at bats' which they will quickly waist and expose themselves as hacker who should be IP banned (I do as soon as I get their IP from the log).