Tracks failed login attempts in {prefix}or_login_attempts by both IP address and email.
Defaults
- 5 failed attempts within 15 minutes → account locked for that window
- Configurable in Settings → Authentication Features
Clear on success
On successful login, all login attempts for that email are cleared from the table.