Openfire is generating WARNING with an entire stack trace when users try to login with wrong password. As denying a user from logging in, based on incorrect account credentials is perfectly valid behaviour, this SHOULD only generates an INFO with a message.
This is an easy improvement. All we need to do is change the logging of the event.
Thiago created a patch, which has been applied to trunk.