WordPress stopped auto filling in the ‘admin’ username on install a while ago in version 3.7, but that doesn’t mean someone can’t fill it in that way themselves. Here’s a screenshot that shows why this is a bad idea:
I get these bruteforce notifications multiple times a day. Here’s a few other usernames they like to try:
toor? What the heck is that?