The Security module allows you to enable certain features that will help to protect your site. If you do not see the "Security" tab while viewing the Theme My Login settings page, click on the "General" tab, followed by the "Modules" sub-tab. Then check "Enable Security" and click "Save Changes".
Log In Attempts
As of Theme My Login 6, the only feature of the security module is brute force attack protection. This works by allowing you to specify a specific number of log in attempts for a user before the account is locked. When an account is locked, the user can not log in to the site. The account can be locked for a specified duration or indefinitely. You can manually unlock an account by visiting the "Users" section of the WordPress admin area. You can also manually lock a user here.