diff --git a/app/dao/users_dao.py b/app/dao/users_dao.py index cf64bd100..d3f77b9e9 100644 --- a/app/dao/users_dao.py +++ b/app/dao/users_dao.py @@ -62,3 +62,9 @@ def get_model_users(user_id=None): if user_id: return User.query.filter_by(id=user_id).one() return User.query.filter_by().all() + + +def increment_failed_login_count(user): + user.failed_login_count += 1 + db.session.add(user) + db.session.commit() diff --git a/app/user/rest.py b/app/user/rest.py index 2be9828d8..c57ad577c 100644 --- a/app/user/rest.py +++ b/app/user/rest.py @@ -5,7 +5,7 @@ from sqlalchemy.orm.exc import NoResultFound from app.dao.services_dao import get_model_services from app.dao.users_dao import ( get_model_users, save_model_user, delete_model_user, - create_user_code, get_user_code, use_user_code, + create_user_code, get_user_code, use_user_code, increment_failed_login_count, create_secret_code) from app.schemas import ( user_schema, users_schema, service_schema, services_schema, @@ -71,6 +71,7 @@ def verify_user_password(user_id): if user.check_password(txt_pwd): return jsonify(''), 204 else: + increment_failed_login_count(user) return jsonify(result='error', message={'password': ['Incorrect password']}), 400 diff --git a/tests/app/dao/test_users_dao.py b/tests/app/dao/test_users_dao.py index 8f178ff65..6d17a9b3b 100644 --- a/tests/app/dao/test_users_dao.py +++ b/tests/app/dao/test_users_dao.py @@ -1,7 +1,14 @@ from sqlalchemy.exc import DataError from sqlalchemy.orm.exc import NoResultFound + +import pytest from app.dao.users_dao import ( - save_model_user, get_model_users, delete_model_user) + save_model_user, + get_model_users, + delete_model_user, + increment_failed_login_count +) + from tests.app.conftest import sample_user as create_sample_user from app.models import User 
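Review bot: `user.failed_login_count += 1` in increment_failed_login_count is a read-modify-write on the value already loaded into the session, so two failed attempts handled concurrently can both read the same count and one increment is lost. For a counter that exists to track password guessing, that means parallel requests can be undercounted. Letting the database do the addition avoids this: `user.failed_login_count = User.failed_login_count + 1`, which SQLAlchemy flushes as an in-place `failed_login_count + 1` update (assuming the attribute maps to a plain integer column; the model is not shown here). The function also commits the session as a side effect, which deserves a one-line docstring such as `"""Add one to the user's failed login count and commit the session."""`.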
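Review bot: The else branch of verify_user_password now records the failure, but nothing visible in this diff reads failed_login_count before `user.check_password(txt_pwd)` or clears it on the 204 path. As written, the counter does not limit guessing, and it only ever grows for a legitimate user who mistypes now and then. The function starts above the hunk, so this may be handled there or in a follow-up. If it is not, reject the request before the password check once a limit is reached, e.g. `if user.failed_login_count >= MAX_FAILED_LOGIN_COUNT:` (placeholder name, not defined in this diff), and reset the count to 0 on a successful check.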
@@ -60,3 +67,10 @@ def test_delete_users(notify_api, notify_db, notify_db_session, sample_user): assert User.query.count() == 1 delete_model_user(sample_user) assert User.query.count() == 0 + + +def test_increment_failed_login_should_increment_failed_logins(notify_api, notify_db, notify_db_session, sample_user): + assert User.query.count() == 1 + assert sample_user.failed_login_count == 0 + increment_failed_login_count(sample_user) + assert sample_user.failed_login_count == 1 diff --git a/tests/app/user/test_rest_verify.py b/tests/app/user/test_rest_verify.py index 6da13358e..bb1876e81 100644 --- a/tests/app/user/test_rest_verify.py +++ b/tests/app/user/test_rest_verify.py @@ -182,6 +182,9 @@ def test_user_verify_password_invalid_password(notify_api, path=url_for('user.verify_user_password', user_id=sample_user.id), method='POST', request_body=data) + + assert sample_user.failed_login_count == 0 + resp = client.post( url_for('user.verify_user_password', user_id=sample_user.id), data=data, @@ -189,6 +192,7 @@ def test_user_verify_password_invalid_password(notify_api, assert resp.status_code == 400 json_resp = json.loads(resp.get_data(as_text=True)) assert 'Incorrect password' in json_resp['message']['password'] + assert sample_user.failed_login_count == 1 def test_user_verify_password_missing_password(notify_api,
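Review bot: `assert sample_user.failed_login_count == 1` in test_user_verify_password_invalid_password pins a single failed attempt only, and the new DAO test test_increment_failed_login_should_increment_failed_logins has the same gap. The counter is only useful if it accumulates across attempts, so post the wrong password a second time and add `assert sample_user.failed_login_count == 2`. It would also be worth asserting in the valid-password test, which is outside this diff, that a correct password leaves the count at 0.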