If someone tries to brute force passwords their IP will be blacklisted.

• The IP will be denied access then un-listed after 24 hours
• This can be immediately cleared by restarting the Noodle service
• The feature may be disabled or specific whitelisting entries added from the System Settings > Security section
• The default threshold (20 failures per minute) may be adjusted  via the BlackList.PerMinuteThreshold option in noodle.properties.
• One NATed IPv4 user can get many users blacklisted due to shared IP. IPv6 or internal monitoring are the only way to prevent that without disabling blacklisting.