1. Limit Login Attempts : This plugin blocks a user for 20 minutes after he enters wrong password 4 times (default values, can be changed). It is good way to avoid Brute Force attack .
2. Sabre :If you own a WordPress powered blog where users can register freely and see a lot of fake registrations, this plugin can stop fake user registration by bots. It can add image verification or math test to registration process among other measures to make sure fake users are not created.
4. Bad Behavior : It checks the visitor’s IP against Project Honey Pot Database to see if it’s a spammer’s. If malicious, it can block that IP from accessing your blog.
5. Secure WordPress : This plugin keeps your WordPress installation secure with the help of little functions. It hides information regarding your WordPress version from non-administrators and plugin directory from visitors by dropping a blank index.php file.