# File lib/devise/models/lockable.rb, line 75
      def valid_for_authentication?
        return super unless persisted? && lock_strategy_enabled?(:failed_attempts)

        # Unlock the user if the lock is expired, no matter
        # if the user can login or not (wrong password, etc)
        unlock_access! if lock_expired?

        if super
          self.failed_attempts = 0
          save(:validate => false)
          true
        else
          self.failed_attempts ||= 0
          self.failed_attempts += 1
          if attempts_exceeded?
            lock_access! unless access_locked?
            return :locked
          else
            save(:validate => false)
          end
          false
        end
      end