We were not aware of brute force attacks so far, nor hacked forum usernames.
Anyway, should this happen, a 'captcha' or a visual confirmation on login should fix it, or some mods from phpBB's MOD Database, like
this one.
This will add a Random-graphical-text security code field in Login form to protect your phpBB from being flooded of robotic-member-login. Quite useful.