To make your Sitekit CMS Admin System more secure, you can enable two-factor authentication for every admin login (from v12).
Once enabled, when one of your administrators tries to log in to the admin system they will be emailed a code which they will need to enter into a box on the login screen before they can login.
Configurable Admin Login Endpoint
The admin login page endpoint is now configurable. Normally you would login using the endpoint <your-domain>/admin but, from v12, you can change the endpoint to anything you like to make it more difficult for malicious users and bots to discover your login page.