The whole point of it denying you entry (with an increasing timer) is to prevent somebody guessing common passwords and eventually finding the right one for your account. Allowing someone to bypass the lockout once they enter the correct password would completely defeat the point of the lockout.
If you've tried to send me an email, I have not received one describing anything remotely related to what you've stated in this thread.
EDIT: If you're trying to login via TOR, it is entirely possible that somebody else using the same exit node was trying to get into someone's account. The lockout is IP based. You're allowed one failure in 24 hours with no penalty. Then the penalty is 1 second. Then 2, 4, 8, etc. The lockout is exponential based on failed attempts from your IP in the past 6 hours. The maximum lockout being 1 hour between attempts (3600 seconds).
The email I sent went to "email@example.com
". And I did get a response, just checked. My account apparently got "pruned" or deactivated due to my inactivity (I was out of the country for 9 months).
I understood the point of it increasing the timeouts. It makes sense from a security standpoint. But after I saw that the time keep going up, I waited more than an hour and it still didn't work. But it was made clear to me that the problem was my inactivity... and trying again (just now) a new message appears. I did not see this one erlier today. The message reads:
"Your account was pruned from the active users database due to inactivity. An automated restoration of your account is being run, please try logging in again in a few seconds."
Which concurred with the email from the webmaster. I tried again...and it let me log in. So, my problem was resolved. However, I do recommend the website be reprogrammed to warn people that login is failing due to a pruned inactive accounts.
Seeing what happened, I will not use this as an excuse to move to another pool. I'll stick with it for now.
Thanks for your thoughts and help.