Here are two simple steps/reasons why they were unsuccessful !
1. I have my main admin username set as something other than WP default "admin". All of the brute force attempts were using either "admin" or "Admin" as the username.
2. I have a free plugin installed called Limit Login Attempts. It tracks the users by ip and a cookie who are trying to login. It locks out anyone after 4 failed attempts for 25 min and after 4 lock outs for 24hours. This makes running a brute force impossible. (It also has stats that show you the ip and the attempted username of anyone who has been locked out)
The above steps should be the minimal steps everyone should take to potect their site.
Please share your tools or tips how you protect your sites.