I get emailed a report each day showing unauthorised attempts to log-in to my servers, and these usually show half a dozen or separate systems trying to guess a user-name and password combination that will let them gain access and presumably engage in various nefarious digital activities.
Before taking measures to prevent multiple log-in attempts, sometimes thousands or tens of thousands of log-in attempts could be seen from single IP addresses. As well as being a little alarming, this caused the email notifications which listed everything to become rather large and take a while to download and a very long time to open.
When looking at a list of possible hackers from around the world trying to log-in it is reassuring to remember some numbers. For example, supposing I was using an easy-to-guess user-name and a random string of 8 characters as a password - this has 218,340,105,584,896, (about 218 trillion), possible combinations and would take a while to guess. If you also use a random 8-character string as the user-name you get a number so huge that even if you could test 1 million possible combinations per second, it would still take more than 150 trillion years to try them all. Of course, the user-name and/or password might contain fewer or more than 8 characters, just to make things really tricky...
This is no special defence against determined and talented hackers, but it seems to be stopping the wandering sniffers and bots that crawl about looking for wide-open systems.