Additional measures to prevent login attempts

[codeling]

As an addition to https://github.com/codeling/bfstop/issues/76, one could also consider the "score" calculated there for determining additional measures to be taken during login; Acces to the login form with a high likelihood of being an attack could for example be presented with a captcha to be filled (even for the first login attempt), while access determined to have a low likelihood of being an attack would not get this captcha.

To do this, the first step would be to evaluate ways of adding a captcha or other additional anti-bot measures to the login form.