My personal infosec approach is to 1) observe some basic best practises against brute-force, data dumps or dictionary attacks, and 2) avoid becoming important enough to be targeted by anything more sophisticated than that.