I just logged into my site not long after it had undergone a brute force attack and I received the "POTENTIAL INTRUSION AT " email.
The login was from me of course from my IP address, but it still alarmed me for a moment until I realised what it was.
My suggestion is to have a white list of IP address that LSS would check to see if the login was from a known IP. If so, it would not send the potential intrusion email. What do you think? If you don't have time (or interest) to add that feature I totally understand.
Thanks for the great plugin.