No login attempts limiting could be a security risk

[Christian-Little-Tava]

While checking our logs, we noticed an IP that was attempting to brute-force a password for our admin user. Ideally we'd love a way to automatically blacklist ip's after a certain amount of attempts, posting a message to contact an administrator to unblock.