Unintuitive authentication security mechanism behaviour

Hello all,
with enabled security mechanism there is some strange behaviour I noticed:
Attempting to login with a non-existent user will cause the security mechanism to trigger for this user if he is created afterwards.
Example: no user foobar exists, try to login multiple times as foobar, create foobar account, attempt login, login failes, you have to enter captcha.

Hi,

that’s indeed the expected behaviour right now, but we should probably improve it. You can report an improvment ticket on Loading...

thanks