What if someone else with malicious intents increases difficulty for your nickname, intentionally making wrong attempts ? Ooops, and in order to login you need to do a couple of giga-hashes. Or, if you wish, we can do it for you, for a small amount of ether... See how it works?
Again: users should be able to choose captcha as alternative to POW. They could do this in such cases.
That doesn't fix the issue though. They're then still going to have to use the captcha?
What if, at some point, the user who was using 50000 IP addresses returns to try to bruteforce the forum again and attack everyone's user accounts and makes it extremely difficult for everyone to log-in without the captcha. Also, it'd use a lot of unnecessary CPU power to try to mine it - especially if they don't know how long they'd have to wait first.