Agreed, the option to immediately ban anyone using 'admin' as an attempted username would be good? Presumably no-one uses 'admin' as their admin login name do they? So it's just the brute force attacks that try it, so surely then an ideal indication of an IP address that should be blocked straight away. No?
On the other hand, there is the 'immediately block IP using a username that doesn't exist' option (paraphrasing, but it's called something like that). That immediately blocks IP trying their luck with an admin login for me as I have no user called admin. So maybe that is the solution?
Regards, James