Hi,
how does the anti Brute-Force mechanism work? How many wrong password entries are possible, and how long is the user(?) or the ip(?) blocked afterwards?
Is it possible to configurate this mechanism?
Sorry, but I’m a little bit hesitated if i cant’t secure it with fail2ban 
Thanks!