I would like the option to, after the maximum number of failed login attempts have been exceeded, require users to do password recovery instead of blocking their accounts .
I do not want it possible for a harasser to cause a harassed member's account to be blocked by maxing out the number of failed attempts. I would like the harassed member to be able to recover from the harassment quickly by doing lost password recovery rather than have the member wait for an admin to unblock the account. I also to do not want my site's admin to spend time unblocking accounts due to harassment cases.
I also do not want it possible for an account blockage to happen because a spambot correctly guessed a user name but failed to guess the right password.