diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs index 00498f7e61..378306fdb4 100644 --- a/src/Umbraco.Web/Editors/AuthenticationController.cs +++ b/src/Umbraco.Web/Editors/AuthenticationController.cs @@ -21,6 +21,7 @@ using Umbraco.Web.Security; using Umbraco.Web.WebApi; using Umbraco.Web.WebApi.Filters; using umbraco.providers; +using Umbraco.Core.Logging; namespace Umbraco.Web.Editors { @@ -102,23 +103,25 @@ namespace Umbraco.Web.Editors [SetAngularAntiForgeryTokens] public UserDetail PostLogin(LoginModel loginModel) { + var http = this.TryGetHttpContext(); + if (http.Success == false) + throw new InvalidOperationException("This method requires that an HttpContext be active"); + + var ipAddress = GetIPAddress(http.Result); + if (UmbracoContext.Security.ValidateBackOfficeCredentials(loginModel.Username, loginModel.Password)) { var user = Security.GetBackOfficeUser(loginModel.Username); //TODO: Clean up the int cast! var ticket = UmbracoContext.Security.PerformLogin(user); - - var http = this.TryGetHttpContext(); - if (http.Success == false) - { - throw new InvalidOperationException("This method requires that an HttpContext be active"); - } http.Result.AuthenticateCurrentRequest(ticket, false); var result = Mapper.Map(user); //set their remaining seconds result.SecondsUntilTimeout = ticket.GetRemainingAuthSeconds(); + + LogHelper.Info(string.Format("Login attempt succeeded for username {0} from IP address {1}", loginModel.Username, ipAddress)); return result; } 
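Review bot: `loginModel.Username` reaches both new `LogHelper.Info` calls unmodified (the success message in this hunk and the failure message in the next one), and it is supplied by an unauthenticated caller. If the configured log layout does not escape control characters, a username containing CR/LF can forge additional log lines, which undermines the audit value of these entries. Encode line breaks before formatting, e.g. `var safeUser = (loginModel.Username ?? string.Empty).Replace("\r", "\\r").Replace("\n", "\\n");`, and log `safeUser` in both messages. PostLogin's body continues past the end of this hunk.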
@@ -126,6 +129,8 @@ namespace Umbraco.Web.Editors // by our angular helper because it thinks that we need to re-perform the request once we are // authorized and we don't want to return a 403 because angular will show a warning msg indicating // that the user doesn't have access to perform this function, we just want to return a normal invalid msg. + + LogHelper.Info(string.Format("Login attempt failed for username {0} from IP address {1}", loginModel.Username, ipAddress)); throw new HttpResponseException(HttpStatusCode.BadRequest); } @@ -141,5 +146,20 @@ namespace Umbraco.Web.Editors { return Request.CreateResponse(HttpStatusCode.OK); } + + // From: http://stackoverflow.com/a/740431/5018 + protected string GetIPAddress(HttpContextBase httpContext) + { + var ipAddress = httpContext.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]; + + if (string.IsNullOrEmpty(ipAddress)) + return httpContext.Request.ServerVariables["REMOTE_ADDR"]; + + var addresses = ipAddress.Split(','); + if (addresses.Length != 0) + return addresses[0]; + + return httpContext.Request.ServerVariables["REMOTE_ADDR"]; + } } } \ No newline at end of file
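Review bot: The failed-login message is written at the same Info level as the success message, so monitoring cannot separate the two by severity and has to match on message text. Failed attempts are the events brute-force detection needs, so a warning-level call would suit this line better, e.g. `LogHelper.Warn<AuthenticationController>(...)` with the same arguments, assuming the type argument was lost in rendering. The username on a failed attempt is unverified and sometimes holds a password typed into the wrong field, so I would add the comment `// username is unverified here; restrict access to this log`. The enclosing PostLogin method starts before this hunk.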
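Review bot: `GetIPAddress` prefers the first entry of `HTTP_X_FORWARDED_FOR`, a request header the client controls unless a trusted reverse proxy overwrites it. Anyone connecting directly can therefore choose the address recorded for their login attempts, which makes the new log lines unreliable for lockout or investigation. Always record `REMOTE_ADDR` as the authoritative peer and log the forwarded value only as a labelled, untrusted extra, or honour it only when `REMOTE_ADDR` belongs to a configured proxy. The original also returns `addresses[0]` untrimmed, and the `addresses.Length != 0` check is always true because `Split` never returns an empty array.

```csharp
protected string GetIPAddress(HttpContextBase httpContext)
{
    // REMOTE_ADDR is the peer that actually opened the connection; the forwarded
    // header is caller-supplied unless a trusted proxy rewrites it, so keep it separate.
    var remoteAddr = httpContext.Request.ServerVariables["REMOTE_ADDR"];
    var forwardedFor = httpContext.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

    if (string.IsNullOrWhiteSpace(forwardedFor))
        return remoteAddr;

    return string.Format("{0} (unverified X-Forwarded-For: {1})", remoteAddr, forwardedFor.Trim());
}
```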