Hacking Attempt/Invalid User Information

So my hostee’s site has had someone trying to brute force their way into the admin for the last two days. My hostee has tried blocking the culprit’s IP address, but to no avail because they change IP addresses every time. It’s gotten to the point that both of us get the 127.0.0.1 error every time we go the the wp-admin page, and even when I alter the .htaccess to get around THAT, she can’t login with her wordpress account bc she’s told that her login info is invalid.

I’ve tried to go in through the actual database via phpMyAdmin to manually change her password/add myself as a second user, but both attempts have ended in the same result – invalid login information. We can’t reset the password (we get the same invalid login info error), and when I tried to login using the info that I’d just added the database, MY IP was banned. Somehow.

I’m at a loss as to what to do at this point. Any suggestions as to how to even just get back in to the admin panel would be helpful at this point.

Thanks.

The page I need help with: [log in to see the link]