enigma1 - 4:23 pm on Apr 22, 2011 (gmt 0)
The main way to truly protect the admin folders is to use your host's password protect directories from your cpanel. Make sure you lock it down from there. You cannot protect the osC admin folder from the application level there just too many factors.
In fact the login page that was introduced with the RC versions made security very weak as merchants believe the back end cannot be compromised and do not add the password from the cpanel which is a grave mistake.