HI!
Maybe this will sound stupid idea which I apologize for that.

This attack comes from a program (bot)? Is it possible that the login control contains a generated image with scrambled text and writen in a wierd way. A buch of random text readable only by human which is for example on the yahoo site when you apply for a new account. User would have to enter this code upon login which should prevent attacks from a bot.

But it is annoying sometimes to enter this code every time you log-in but it will definetly increase security. Also what is intresting how this person obtains user names to attack? Does he visit this forum or have a program that searches for a name inside for example public forum. It could be also something especialy writen for this php bulletin thing.

my 2 cents