Yesterday and today one of my WP sites is under attack by one of more people try to login. Probably an automated script. How do I know this is happening? I'm using a free plugin that emails me when it soemone tries to break in. Not only that I can limit the amount of times they can try to login and I can determine how long they will be locked out. I've tried a bunch of paid plugins and many of them work but but this one if free so I thought I would pass it along. Even if it's the only security pluging you use it will help you. I hope this helps. http://wordpress.org/plugins/limit-login-attempts/ Ron