If your administrator username is admin (or something similar) then you are opening yourself up to a brute force attack and its potentially disastrous consequences.
Every hacker knows that the default WordPress administrator username is admin and, unfortunately, there are enough WordPress installations that use this default can just simply concentrate on passwords.
This Weekend WordPress Project is simple but vital: change your administrator username. It won’t guarantee protection from a hacker, but it’s going to make it significantly more difficult.
You cannot change the administrator username in the WordPress admin interface. In fact, once created, you cannot change any username.