4
Get access how? Get access to what... administrator privilege? Have you set a 'difficult' password? Do you log out after you have been signed into the administrator account? What does "crash the site" mean? Do they just vandalize by posting offensive content in e.g. the forums?
It could also be a security problem with your hoster. I don't know anything about them, but if they are poorly set up it is possible for someone to read your mainfile.php containing MySQL user/password info, and perhaps attack the site that way.
If you can provide *much* more specific details on what is going wrong, we can try and help figure out how to prevent it. THanks