Hallo,
habe im Adminprotokoll komische Logins gefunden:
Es ist kein Benutzername angeben. Die Ip kommt aus der Ukraine.
-----------------------------------------------------------------------------------------------------------------------------------
English:
Hello,
i have found some Logins in Admin Log without Username:
It's no Username set. IP is from Ukraina.
Ich denke nicht, das es eine Sicherheitslücke ist. Der User wird nicht eingeloggt. Das log ist da ein wenig komisch. Ich habe auch solche Einträge im Log. Hab mal angeregt, das ein wenig zu ändern. 
Hello ;
It's the expected behavior. You have the IP of the client that tried to login on and the reason for why the authentication failed. Here, the authentication failed because the username entered is unknown.
Nuxwin
the interesting line is the next one: "<Date> logged in - same IP" - this may lead to a false interpretation.
Normally if I read "logged in" then I think "ok, someone logged in" - and with the IP from Uklraine and the line before - I'm sort of confused...
/J
You must read log by log:
First log:
Here authentication for client with IP 89.252.58.37 failed because unknown username.
Second log:
Here , the authentication for the IP 89.252.58.37 is successful.
To resume:
Whatever it's same client or not you must simply read log by log. 
It's not because authentication fail for a specific client IP that this client will fail to next authentication (retry).
Well - normally when a user logs in there is a username before "logged in", like
"joximu logged in"
Addon:
But since the log should be read from down to top - it's a "logged in" and in the same minute from same IP a "auth failed"....
But still not very clear.
/J
ok, I'll add username for next stable and first stable maintenance release 
hmm, i think a good solution will be, if you dont allow blanks in login field. Only Charakters, Numbers, "_"," -", "." . I think then it does not happen.