If five failed logins are made from an IP within one minute, the IP is put on a blackout list. Future logins from this IP are rejected as long as the IP is on this list. The IP remains on the blackout list for auth-blackout-time seconds.

The amount of time an IP is blacklisted can be configured through the CLI: