On an auth failure the uid and the IP address should be logged to the standard log file.

This update works for a standard setup, when using a proxy for the server one can probably use the X-forwarded-for header
  instead of the remote address.

lib/base.php

@@ -730,6 +730,8 @@ class OC {
 			// Someone wants to log in :
 		} elseif (OC::tryFormLogin()) {
 			$error[] = 'invalidpassword';
+			OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
+			OC_Log::ERROR);
 		}
 
 		OC_Util::displayLoginPage(array_unique($error));