Failed log in attempts - how do they get my username?

I recently had my WordPress site hacked (on another host). Since rebuilding it and moving to DreamHost I have also installed the Sucuri plugin, which monitors log in attempts - failed and successful.

I also removed the admin account and created a new account with admin privileges and using a username which was fictitious and not easily guessable.

For some weeks that seemed to work though I was getting about 15-20 failed attempts to log in using Admin as a username.

Worryingly, in the last few days I am getting failed log in attempts using the username I created for the admin account.

How did the bot get hold of my username? It seemed like a pointless exercise in removing the admin username if there is a simple way for a spammer to find out alternative usernames… I have not used that name in any posts or comments and searching the site for that name gives no results.

I suppose the bigger question is - should I be worried?

There are a number of ways to pick out the admin username from a WordPress site. Probably the easiest one is to view the RSS feed — your username shows up as the “author” of your posts.

Don’t rely on using a secret username to keep your site secure.
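A way to audit the exposure described in the reply above, as an added example that is not part of the original thread: it lists the author values a feed publishes and reports which account login names appear among them. The feed XML, the login names and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace of the per-item author element (dc:creator) used in WordPress feeds.
DC = "{http://purl.org/dc/elements/1.1/}"

# Constructed sample feed, not taken from any real site.
# For feeds fetched from elsewhere, a hardened parser such as defusedxml is preferable.
SAMPLE_FEED = """<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>Example Site</title>
    <item>
      <title>Imported post</title>
      <dc:creator><![CDATA[Jane Example]]></dc:creator>
    </item>
    <item>
      <title>New post</title>
      <dc:creator><![CDATA[siteowner_x7]]></dc:creator>
    </item>
  </channel>
</rss>"""


def feed_authors(feed_xml):
    """Return the distinct author strings published in an RSS 2.0 feed."""
    root = ET.fromstring(feed_xml)
    authors = set()
    for item in root.iter("item"):
        # dc:creator is what WordPress emits; plain <author> is the RSS 2.0 field.
        for tag in (DC + "creator", "author"):
            for el in item.findall(tag):
                if el.text and el.text.strip():
                    authors.add(el.text.strip())
    return sorted(authors)


def exposed_logins(feed_xml, login_names):
    """Return the login names that appear (case-insensitively) as feed authors."""
    published = {a.lower() for a in feed_authors(feed_xml)}
    return sorted(n for n in login_names if n.lower() in published)


if __name__ == "__main__":
    # Hypothetical login names for the site being audited.
    logins = ["siteowner_x7", "editor_k2"]
    print("authors in feed:", feed_authors(SAMPLE_FEED))
    print("login names exposed:", exposed_logins(SAMPLE_FEED, logins))
```

WordPress fills this field with the author's display name, which is the same as the login name until it is changed in the user's profile.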

Thanks for your reply - I do not rely solely on a secret username but that is (was) one tool in the armoury.

I have not posted any posts on the website - though I did import some from the old website which did not use that name - so I don’t understand how the method you mention would be used to determine the username. The posts seem to use the first name/last name rather than the username.