Email received after failed login attempts to disabled account

[Paul Smith]

Hi,

We often have penetration testing performed on the XNAT instances we support. As part of this testing, attempts are made to log into the default 'admin' account. We have this account disabled, however after 6 failed login attempts we still receive an email to say that the account has been temporarily disabled and gives a date and time for when it will be re-enabled.

Is there any way to prevent the emails being sent for accounts that are already disabled?

Thanks,

Paul