diff --git a/app/classes/ratelimiter.php b/app/classes/ratelimiter.php
index 04d4a09..504fdee 100644
--- a/app/classes/ratelimiter.php
+++ b/app/classes/ratelimiter.php
@@ -427,7 +427,12 @@ class RateLimiter {
 return $result['total_attempts'] < $this->autoBlacklistThreshold;
 }
 
- public function attempt($username, $ipAddress) {
+ public function attempt($username, $ipAddress, $failed = true) {
+ // Only record failed attempts
+ if (!$failed) {
+ return true;
+ }
+
 // Record this attempt
 $sql = "INSERT INTO {$this->authRatelimitTable} (ip_address, username) VALUES (:ip, :username)";
 $stmt = $this->db->prepare($sql);
diff --git a/app/pages/login.php b/app/pages/login.php
index 11355ed..0c536bd 100644
--- a/app/pages/login.php
+++ b/app/pages/login.php
@@ -201,8 +201,7 @@ try {
 ],
 'password' => [
 'type' => 'string',
- 'required' => true,
- 'min' => 8
+ 'required' => true
 ]
 ];
 
@@ -226,8 +225,8 @@ try {
 throw new Exception(Feedback::get('LOGIN', 'TOO_MANY_ATTEMPTS')['message']);
 }
 
- // Record this attempt
- $rateLimiter->attempt($username, $user_IP);
+ // Record this attempt before trying to login
+ $rateLimiter->attempt($username, $user_IP, false);
 }
 
 // Attempt login
@@ -262,6 +261,7 @@ try {
 if (isset($username)) {
 $userId = $userObject->getUserId($username)[0]['id'] ?? 0;
 $logObject->insertLog($userId, "Login: Failed login attempt for user \"$username\". IP: $user_IP. Reason: {$e->getMessage()}", 'user');
+ $rateLimiter->attempt($username, $user_IP);
 }
 }
 }
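Review bot: The new `$failed` parameter on `attempt()` is untyped, so `if (!$failed)` is a truthiness test and a caller passing `0`, `''` or `null` silently skips recording; declare it as `bool $failed = true` so strict callers get a TypeError instead. The early `return true` also makes the method report success while writing nothing, which a caller cannot distinguish from a recorded attempt, so the docblock should say so, e.g. `/** Records a failed login attempt for rate limiting; when $failed is false nothing is stored and true is returned. */`. The rest of `attempt()` (its other return paths) lies outside the hunk, so whether a `: bool` return type can be added is not visible here.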
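Review bot: Dropping `'min' => 8` from the login password rule is reasonable for a login form, since the stored credential's length policy should not be enforced at authentication time, but after this change the only guard left is `'required' => true`, and whether that validator rejects an empty string or just a missing key is not visible in the hunk. If it accepts `''`, consider keeping a `'min' => 1` so an empty submission is rejected before it reaches the password check and the failed-attempt counter. The surrounding rules array starts before the hunk.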
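Review bot: The call `$rateLimiter->attempt($username, $user_IP, false);` is now a no-op, because the ratelimiter change in this same commit returns early when the third argument is false, so the comment `// Record this attempt before trying to login` describes something that no longer happens. Either delete both lines, or if the call is meant to stay as a placeholder, make the comment honest, e.g. `// Successful logins are not counted; only the catch block records failures`. If the call is kept, pass the flag as a named argument, `failed: false`, so the positional boolean is readable at the call site.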
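Review bot: The added `$rateLimiter->attempt($username, $user_IP);` runs after `$logObject->insertLog(...)`, so if the log insert throws, the failed attempt is never counted and a caller can keep retrying without the limiter ever filling up; record the attempt first, then log. This catch block also appears to sit under the same `try {` as the `TOO_MANY_ATTEMPTS` throw in the earlier hunk (both hunk headers name `try {`), in which case a request that is already blocked is now itself counted as a failed attempt, which extends the block on every retry against the targeted username — if that is not intended, record only when the login was actually tried, e.g. by checking that the exception did not originate from the rate-limit branch. The enclosing try/catch begins outside the hunk, so this should be confirmed against the full file.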