WordPress is the most popular CMS and hence one of the most targeted system for brute force attacks. A Brute force attack consists of systematically checking all possible keys or passwords until it gets to correct one.
You can slow down any brute force attack in your WordPress site by delaying system logging to one second. WordPress Login Delay is the new WordPress plugin that automatically adds a second delay in WordPress. One second delay is OK for human visitors, but it looks like eternity for a bot making thousands of requests.