My apologies, however that is not an impressive response in the very least.
there are many reasons there would be "extra code" in those files and should be taken into account by your software not your software users. as a matter of fact for many things "extra code" in these files is *required*. on the other hand adding "extra Code" is a solution to the memory problem the revised plugin introduced.
and more technically there is really no such thing as "extra code" if it is deliberately placed and functionally useful.
after the fourth update in two days it is obvious there are issues you are attempting to overcome, but the above solution is only a temporary fix at best.
any security that blacklists an admin after back-end changes is noodled spaghetti code, not the fault or problem of the user. more testing less pushing the pro version until it is up for "release version" perhaps.
please fix this promptly , and make it work too. there is no easy way to back out of your plugin now, we are counting on you to make it work out of the box.
the above response is not acceptable, please try again.
i do not wish to be harsh, but there are other issues, but this one trumps all other concerns, in spades.
it actually allows a log back in after timeout period (even with "extra code" , but still that is not good enough as it is sporadic and random lockout at that. so it really has nothing to do with "extra code" as much as something you have started doing is not working as well as what did work fine.
functionality before ambition please. you should allow for "extra code" in these files as administrators often require it..
how about not blacklisting by user id? (as opposed to ip, since may ip's are randomly assigned and from a security perspective ipv4 can be spoofed, and is therefore not that secure anyway).
hope this helps put things in perspective.