Hiding your WordPress login page is a great way to secure your site from both targeted hacks and automated brute-force attacks.
Why you should care about hiding the login page?
The answer is: Brute-force attacks.
In a brute-force attack, hackers basically try to guess your username and password over and over until it breaks in.
They’re hoping that, with enough tries, they’ll find the magic combination. Now I think you’re seeing where hiding the login page comes into it… if you hide your login page, there’s nowhere for hackers to run their brute-force attack.
So protecting the login path from your website is really important.
A quick and simple way to do that is to use a plugin like Hide My WP Ghost
Once you install it, you can customize the wp-login and also hide the /wp-login and /wp-login.php path from your website.
The extra feature this plugin has is to protect your login page from Brute Force attacks in case you have the login option for your members on your page.
You can use Math Check protection or reCaptcha protection from Google. Both protections are fine and will block the hackers to a limited attempts of login.
You can download the plugin from here: Hide My WP Ghost