It would be great if we could set a maximum number of failed login attempts within a certain time and then have that ip address blocked.