Jacob Nicholson wrote this support centre article with 10 recommended steps to lock down and secure WordPress. Really good stuff and here is the link, WordPress wp-login.php brute force attack | InMotion Hosting.
In this video, he explains his recommendations and the reasons the steps were taken. Great for to techies out there.
[Feature Image source: Flickr]