Mostly WordPress login pages are targeted for brute force attacks or other vulnerabilities. Below are steps to password protect wp-admin login :
# Login to your cPanel.
# Scroll down till you see the Security Tab
# Click on the “Password Protect Directories”
# Next screen will ask you for directory location. just click on web root >> navigate to the folder where your WordPress is hosted. Then click on the /wp-admin/ folder.
# Simply check the box to password protect the directory. Then create a user for the directory.
# Back to cPanel Home page and open File Manager
Open & Edit .htaccess file and add the following code into .htaccess file
# Now when you try to access http://YourDomain.com/wp-admin , you will see an authentication required box.