I was having problems with repeated failed login attempts and this tool works the best. When perusing the attempts in my server logs, other security tools would allow the server to respond with html code 200 and appeared to send some kind of valid screen. This tool just sent html code 418, I'm a teapot, an April Fools joke code in RFC 2324 to the locked out offender, Nice touch! I had several sites all running different login security plugins on the same server that all got hit by the same source and the bad guys gave up on this plugin the fastest. I immediately moved all sites to this plugin after looking at the logs.
The email notification works well and there's a ton of other features.