After witnessing large scale brute force attacks at /downloader/ URLs (Magento Connect interface), we have extended our brute force filter. This will save resources and minimize the risk of hackers actually finding your password! Subjects are temporarily (2h) banned after trying 10 POSTs.