Many new webmasters and businesses are unaware that by default WordPress allows unlimited login attempts either through the login page, or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease. ….. However, luckily there are some FREE WordPress plugins available which can stop the hackers in their tracks….
Not all webmasters are aware of the risk, or even know if they have 0777 permissions already enabled on files or folders, and certainly not many new webmasters or bloggers will be aware of the risks, or what to do about it…….