Would be great to have a cloud-based system that identifies and prevents malicious login attempts as part of your Site Protect add-on. I've been using Limit Login Attempts Reloaded but it has got very bloated and upsell-y, and it still uses significant server resources when the login page is getting hammered.