Normally when I build a website, I use fourteen digit security codes (mixed letters, numbers and symbols) for both username and password logins.
Normally.
Recently I put up a test blog to show someone else how some software worked. I used "admin" as the username and 123 as the password. I did not bother to install any security software (log-in protection).
In no time at all it had been been hacked by some idiots.
These people scrape sites that use "admin" as their username and then software to come up with possible passwords ("123" must be the most common!).
In my case I just deleted the hosting account and re installed on a new one. As it was a test blog nothing was lost. As I said, it was the only time I did not use any "proper" security and the site got hacked almost immediately (probably as soon as it "pinged").
So, the moral is check your security arrangements and never use "admin" as your username (the hackers are already half way there just by looking for that).