There is no session created when log in fails, but you could use the Session that is used when the user log in is successful. Usually, a UserID session is set when the log in is successful, so you can create a rule and call it login failed and set the rule to be when the session UserID does not exists or equal "". And use that rule for your region.