cPHulkd to better SKIP same password attempts

As a Server Administrator, I want cPHulkd to better recognize real Brute Force Attacks.

=====================

By definition: a Brute Force Attacks is a dictionary attack that will try to guess a password of a user by try many DIFFERENT password.

But many times a cPHulkd create FALSE POSITIVE in the following case:

A) the customer change the password but miss to update it in all his devices.

1. He's not try to guessing any password it just create a bunch of login failed with the SAME password.
2. cPHulk blacklist the whole IP and office of the customer.
3. the customer call our desk complaining that the server is not working

B) the customer is try to setup his mailbox but forgot to apply secure connection or forgot to apply the name of the domain to the user trying to access with "user" instead of "user@domain.tld" to his mailboxes.

1. He's not try to guessing any password it just create a bunch of login failed with the wrong username but SAME password.
2. cPHulk blacklist the whole IP and office of the customer.
3. the customer call our desk complaining that the server is not working

****

This behavior CAN be fixed by storing in the cPHulk database not only the username and the IP but also the hash of the password used. By storing it, cPHulk can understand if this is a real dictionary attack or only an obsolete device that is try to access with an old password or wrong username. If there are NO DIFFERENT PASSWORD used, then could NOT BE an attack.

Please fix this. There are too many customer that call everytime they change a password or setup a new device.

And sometimes we have to clear the brute force filter that should not be cleared (mainly because there are also real brute force attempts in the meanwhile).