I've been using your LSS plugin for a few client sites, and am pleased with its performance.
If you're open to suggestions, I have a couple I'd like to propose:
1) It would be great if you could provide more information when the site is under attack. The single email is fine (much better than the mail flood I was getting before), but I would like to see more about what is actually happening. For example, I'd like to see the full IP address that is generating the threat. What username and password combos are being tried? How many attempts have been made? How long has the site been under attack? How much is LSS slowing down the attack?
And if it's not too much to ask, it would also be useful to know where the threat is originating.
I know some of this info is in the database and elsewhere, but ideally, I'd like to see this threat status displayed in the admin panel where both my clients and I can review it.
(Clients, as a generally rule, have a very hard time believing the frequency of hacking attempts that occur on their sites. More easily accessible threat data is better.)
2) In addition to your plugin, I use Cloudflare's caching and threat detection. In general, Cloudflare is able to identify and block known threats and known spammers, but it does not identify new threats or new spammers. It's up to its users to report them so they're added to its threat database.
It would be great if there was an easy interface between your login security solution plugin and cloudflare. Admittedly, I have no idea how difficult that might be to code, but it would be a useful addition if it's not a great deal of work.
Kudos for all of your work. This is a very useful tool!
All the Best,