diff --git a/src/Filter/Login.php b/src/Filter/Login.php
index 4a993a1..6d724bc 100644
--- a/src/Filter/Login.php
+++ b/src/Filter/Login.php
@@ -12,6 +12,8 @@ class Filter_Login extends Filter_Filter
 {
 const SESSION_BROWSER_SIGN_SECRET = '@w3dsju45Msk#';
 const SESSION_BROWSER_SIGN_KEYNAME = 'session.app.browser.sign';
+ const AUTH_MAX_ATTEMPT = 10;
+ const AUTH_LAST_ATTEMPT_TIMER = 600;
 public $mode = 'ajax';
 public $user;
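Review bot: The two new constants carry no documentation of what they count or in which unit, and a reader of the class header cannot tell that `AUTH_LAST_ATTEMPT_TIMER` is compared against `time()` deltas later in the file. A trailing comment on each line is enough: `const AUTH_MAX_ATTEMPT = 10; // failed logins before the account is refused` and `const AUTH_LAST_ATTEMPT_TIMER = 600; // seconds after the last failed login during which it stays refused`. The surrounding constants also omit visibility, so matching that style is fine here, but a typed `private const int` would be the modern form if the file is ever moved to PHP 8.3.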
@@ -42,18 +44,38 @@ class Filter_Login extends Filter_Filter
 $db = Database::getConnection($dsn);
 $user = $db->fetchOneArray("SELECT * FROM users WHERE login = :login", ['login' => $login]);
- $userPassword = $user['password'];
+ $userPassword = $user['password'];
 }
 /*else if (time() - $result->getInt('lastupdate') > 60*60*24*60) {
- // Проверить давность пароля, 60 дней
+ // Проверить давность пароля, 60 дней
 $request->set('error', true);
 $request->set('lastupdate', true);
 return false;
 }*/
-
+ // Проверка на количества попыток авторизации
+ $lastAttempt = $db->fetchOneArray(
+ "SELECT trie_count, trie_time FROM users WHERE login = :login", ['login' => $request->get('login')]);
+ if ($lastAttempt['trie_count'] >= self::AUTH_MAX_ATTEMPT /*&& time() - $lastAttempt['trie_time'] < self::AUTH_LAST_ATTEMPT_TIMER*/) {
+ if (time() - $lastAttempt['trie_time'] < self::AUTH_LAST_ATTEMPT_TIMER) {
+ $request->set('timeout_error', true);
+ break;
+ } else {
+ $db->executeQuery(
+ "UPDATE users SET trie_count = :count WHERE login = :login",
+ ['count' => 0, 'login' => $request->get('login')]
+ );
+ }
+ }
 // Извлечнеие пользователя из родительской CMS, для проверки пароля
 if (md5($password) == $userPassword) { // password
 $this->enter($db, $result);
 return true;
+ } else {
+ // Обновление количества неудачных попыток входа
+ $user = $db->fetchOneArray("SELECT id_user, trie_count FROM users WHERE login = :login", ['login' => $login]);
+ $db->executeQuery(
+ "UPDATE users SET trie_time = :cur_time, trie_count = :count WHERE id_user = :id_user",
+ ['cur_time' => time(), 'count' => $user['trie_count']+=1, 'id_user' => $user['id_user']]
+ );
 }
 }
 $request->set('error', true);
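Review bot: The failure branch increments the counter with a read-then-write (`$user['trie_count']+=1`, an assignment hidden inside the argument array), so two failed attempts that overlap can both read the same value and the lockout undercounts; let the database do it atomically with `"UPDATE users SET trie_time = :cur_time, trie_count = trie_count + 1 WHERE login = :login"` and `['cur_time' => time(), 'login' => $login]`, which also removes the extra SELECT. The lockout lookup and the reset query key on `$request->get('login')` while the password lookup and the failure update use `$login`; if those values differ (trimming, casing) the counter is read from one row and written to another, so use `$login` in all four places. `fetchOneArray` for a login that has no row presumably returns something other than an array, in which case `$lastAttempt['trie_count']` and the `$user['id_user']` write operate on a non-array and the UPDATE runs with a null id — guard the branch with an explicit empty-result check before indexing (hedged: depends on what `fetchOneArray` returns). The commented-out `/*&& time() - ... */` inside the outer `if` condition duplicates the inner check and should be deleted rather than left as dead text. The enclosing method starts before this hunk, so the construct that the new `break` exits is not visible here and should be confirmed to be the intended one.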
@@ -110,7 +132,7 @@ class Filter_Login extends Filter_Filter
 {
 $this->user = $result;
 $random = rand(0, 1024 * 1024);
- $db->executeQuery("UPDATE users SET sid = '$random' WHERE id_user = " . $result->getInt('id_user'));
+ $db->executeQuery("UPDATE users SET sid = '$random', trie_count = 0 WHERE id_user = " . $result->getInt('id_user'));
 $_SESSION["group"] = $result->getInt('access');
 $_SESSION["access"] = $result->getInt('id_user'); // id_user
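Review bot: The rewritten UPDATE still interpolates `$random` into the SQL string and concatenates `id_user` onto it, while the new code in the earlier hunk passes values through `executeQuery` placeholders; since this line is being changed anyway, bring it in line with `$db->executeQuery("UPDATE users SET sid = :sid, trie_count = 0 WHERE id_user = :id_user", ['sid' => $random, 'id_user' => $result->getInt('id_user')]);`. The `sid` value written here comes from `rand(0, 1024 * 1024)` on the previous line, which is neither unpredictable nor large; if `sid` is ever presented or checked as a session credential (not visible from this hunk), `bin2hex(random_bytes(16))` is the appropriate source, otherwise `random_int()` is the drop-in replacement. The enclosing method starts before this hunk and continues after it.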