Wouldn't you want to know who/what was trying to brute force your site before just letting it try again five minutes later? If not, I guess that's fine but ultimately I would want to know how many times that login attempt threshold has been breached per account.
