Hi,
after installing the Plugin and activating Block user enumeration i found expected entries:
Oct 12 03:36:23 wordpress(domain)[1923961]: Blocked user enumeration attempt from 81.161.229.23
Oct 12 05:34:23 guenter wordpress(domain)[2020429]: Blocked username authentication attempt for uxf65gg46l4 from 178.32.114.31
so ich changed user_login and user_nicename in the Database.
Some days later the new Name was in the log.
So i changed again, but this time with Prefix USERLOGIN / NICENAME
The Nicename was soon in the log:
Oct 12 00:32:08 wordpress(domain)[1671304]: Blocked username authentication attempt for NICENAMEuxf65gg46l4t from 104.244.77.79
Userlogin only for successfull logins:
Oct 12 07:34:48 wordpress(domain)[2247344]: Accepted password for USERLOGINuxF65Gg46L4 from 95.130.160.92
Don’t found where the User Nicename is leaked. If it’s only on my page it may be the Theme (Frontline is a theme run on Elementor Page Builder Plugin) 
It’s not so bad, as the username login is blocked and i get attackers via fail2ban
And thanks for the Plugin 