I think that protecting the login form makes a lot of sense. At least having this option would be good.