-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

diff -ruN a/user.py b/user.py
- --- trytond/res/user.py	2017-06-07 11:24:56.101578719 +0100
+++ trytond/res/user.py	2017-06-07 11:24:15.136154818 +0100
@@ -495,7 +495,6 @@
         Return user id if password matches
         '''
         LoginAttempt = Pool().get('res.user.login.attempt')
- -        time.sleep(2 ** LoginAttempt.count(login) - 1)
         for method in config.get(
                 'session', 'authentications', default='password').split(','):
             try:
@@ -505,9 +504,11 @@
                 continue
             user_id = func(login, parameters)
             if user_id:
- -                LoginAttempt.remove(login)
                 return user_id
- -        LoginAttempt.add(login)
+            else:
+                logger.info('Invalid login from : %s', login)
+                time.sleep(3)
+
 
     @classmethod
     def _login_password(cls, login, parameters):
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErL/ID8iRYxxoqo3IwBXhrgCYkZkFAllBeQ4ACgkQwBXhrgCY
kZmVcg/+KDQoY9wLe566UrXTEiJWcr5uDaNsUM+1+VB1UGHZ5a1RWD0GkkwVVKTT
/xorvL74OBkzoFuhP8cVqVff1n1JydUhDSyWwWKvcTsQYViSHzxFGg8QyChCOC1O
k/UiT7SWRWmgsrOWunXO4fwseH6WfGK9XrFGiexpsj1S+0KZmCEyQxOhVDFA+0BN
vZAstLifsiDSo3TFLFLD3fNU8Bcxrv4uiUjkRPI1Ypu11GMBEMhuV91WoMEuKcYX
Mebc/sJv5rWZBX8WIxX2nVbXb79OP1xA23sj8QrJSngsEW7GbSCwKOm96AzgDYSw
e7XmfIOUUgNHPw1oPH+vKUnLrPalYBxO0YgXK3cTyVLZY2ydG4c7M45euWQb4ZKZ
BVMnKYPL0sJ4mbbC/qq37mINfIg6my6A9adNKiK1huB0hVhtatD4UQcJfd46rVbb
q4MOCOosM/RKNSdm81oZBFrJ5ViPNpHxcm0/9xXnV7XgJIMNWo73x0DyptJyCGnV
v7jAWyERDkOo3KZ/dyQHSBK0OKJsVlwAyUrVaD25uO5HX6K1eo6xObr1iRmGpSO7
LOEZS42ROHBiDsMCn1FAFkj+k6W7kvjeEX66HOlafl1F50GTRaeYfCkALTtXS2ZL
lfmJkcP0438WVUNR6uW+L8uVQXyEeBCrpD8wprKRlxQQgv21LDM=
=fsJE
-----END PGP SIGNATURE-----