Login Lockdown has become a part of my standard WordPress install now, it is THAT GOOD!
It records the IP address and time-stamp of every failed login attempt to your site and If more than a certain number of attempts are detected within a specific period of time from the same IP range, then the login function is disabled for all requests from that range.
Acting as a firewall for your website, it helps to prevent brute force password discovery.