If you do not already have wp-login.php protection enabled on your account do please open a support ticket and we can put this protection in place for you.  It is possible this protection may automatically be put in place should your site come under attack at which point we would contact you to let you know the details.

1. Log into your cPanel and go to "Directory Privacy" under "Security" [type 'password' into the find box to make this easier].
   
   
   
   
   
2. You may see a pop-up asking you to choose a directory to open and, if so, choose "Web Root" and hit "Go".
   
   
   
   
3. You should land in your public_html folder [document root] and you will want to click on "Up One Level" to go to your home directory.
   
   
   
   
4. You will now see a list of your files in your home directory and you will see the "Current Folder" is "/".  Click on the "/" [not the folder icon, but just the slash] to begin editing your wp-login.php usernames and passwords.
   
   
   
   
5. On this next screen you will see the settings for your wp-login.php protection.  You will not want to modify any of the options in the "Security Settings" box or you will break the wp-login.php protection requiring manual repair.
   
   You can add new users via the "Create User" section and remove them via the "Authorized Users" section.  To change a user's password you will first need to remove it from the "Authorized Users" section and then add it back via the "Create User" section.