problem started from trunk revision 12442 (changed 'congig.inc.php')
Steps for reproduce:
1. Set Russian (or other non-english, which not have recently added translation strings) locale for you login.
3. Try login with force type INCORRECT password
4. After try login with correct password
5. See error on top (screen shot attached)
Reason: locale not contain some strings. In this case not contain 'S_CUSER_ERROR_FAILED_LOGIN_ATTEMPTS' and others.
Not translated strings must be displayed in English!
Also i tested accoun locking function and wanted to say that not all the relevant documentation. It needs to be corrected.
My test results:
The report of an attempt to brute reported only to the user whose password tried to pick up.
The account is blocked for 30 seconds and not 60 as pointed in the documentation.
What does it mean 15 minutes? - To describe more clearly.
Empty password is not considered as attempt to brute that may have not correctly.