Just solved the problem.
While the brute force protection was activated, the MySQL table “oc_bruteforce_attempts” has filled with my username, triggering the bruteforce protection when I tried to login.
After disabling bruteforce protection, I still encountered the problem. Rebooted my NC server: still same problem. I could not reboot my MySQL server, it is a production machine. However, I issued the following mysql statement:
“DELETE FROM oc_bruteforce_attempts”
SHAZAM! Now the login is quick, and the table is not filling up again.
The bruteforce protection needs more intelligence. Like when a user / IP succeeds, clear the info from the table. I disabled it for the moment. When it gets good enough, I will reactivate it. For the moment, just using strong passwords should do the trick. And other protection in frnt of the web server.
Have a good one!