It's now been nearly 20 hours since configuring the Roku with the Roku-specific account on BI. Not a single attempt on those creds. Meanwhile, the ones for the VERA account are too numerous to count. I added about 10 or so IP octets (-113.*.*.*, -85.*.*.*, -175.*.*.*, etc) to the webserver IP list. That has all but stopped the logins. I still see the connections, but logins are over. I then changed the forwarded port on the router, and turned on secure only. For the last two hours, there have been zero connects or logins that weren't legit. I'm sure it's just a matter of time before they port-scan and find the new port.