Форумы / Cotonti / Extensions / Login attempts

you should not be able to loging for 15 minutes after you type the wrong password/username X times. this would cut down on people guessing passwords.

I got the idea from other CMS's.