This isn’t built into the plugin as it’s not really a brute-force protection issue. The protection against this is to remove ‘admin’ as a username on the blog. From this, all “vulnerabilities” associated with this are removed.
Protecting against account hacking is best done against all accounts, through user identity verification (2-factor auth), and preventing bulk and automated-bot login attempts.
It may however be used to identify potential undesired sources of traffic, which is something we’re considering for future releases.
Thanks!
