Yes, great suggestion. It will be nice if the plugin will first check if the login name is a 'real' user name.
If it is a real login name, than it will give more tolerable attempts, for example 10x. But if the name is not in the list of legitimate users, then it will give it only 2x chances or banned it immediately, it include the name: admin.
Previously, my sites have no hackers that able to go to the login page, thanks to the hide backend feature. But recently especially this January, I got almost several login attempts everyday. Very annoying, but it's fun to play police and thief. :)