March 19th, 2012
Limit users to X number of login attempts in a certain timeframe. For example, 5 attempts in a 5 minute window will block the user account and optionally notify someone via email.
Parameters: How many failed attempts, Timeframe, Email user?, Optional BCC email notification.
This isn’t true Brute Force Protection yet, but future versions will allow optional blacklisting of IP’s for too many login failures.