Someone from Scranton, PA (or at least whose IP address hails from there) has been trying to hack the ConDFW website for, like, four hours. I've got it set so that if someone puts in the wrong password for 10 times in a row, they're banned for 15 minutes, and every 15 minutes this guy tries to log in again with some sort of variant of "admin" or "administrator" as the password. I finally went and permabanned the IP address. (I also have had "admin" and "administrator" banned as usernames since I installed WP, so he would never have succeeded, but it's the principle of the thing.)
I recommend the Wordfence plugin. It tells me when someone's temp-banned and why and gives me their IP address and the username they were trying to sign in with. This is how I know this.