Reply to Message

Um. Can servers not tell that someone attempting 1000 log ins per second is probably not the registered user?

I've heard of some sites using an exponential time limit like 2 seconds for the second attempt, 4 for the next, etc. Why is this uncommon?