WordPress built sites are under major attack from more than a denial of service attacks (DOS).
As a precaution, I have limited the number of login attempts on this blog to prevent people running malicious programs to crack the logins.
You can read more at Ars Technica:
Or from a WordPress founder:
Powered by DASH 2.0