Never hurts to ask. I might also make the /administrator/ directory a restricted directory. That way it increases the trouble crackers go through before ever finding the actual credential prompt.
Plus from what I understand, access logs can reveal failed authentication attempts if the directory is restricted. Might provide an early warning.
