I came across an issue recently that I didn't bring up at the time but I do hope it can be solved so here it is.
When using the great multisite privacy plugin (love it) it conflicts with any brute force attack plugin I have found. Strange as it may sound, what happens is any time someone visits a "Private" site on the network it registers as a "Failed login attempt"
If the blog is visited enough times in a short matter of time, the IP and user is blocked (happened to me!) Also, I was using a plugin that logged all failed attempts and this is how I found out this is what it was really doing
The log was filled with failed login attempts from me just simply visiting private blogs on the network. Any way around this by chance? Thanks!