Hi Charles,
Our enterprise product is used for production deployments and offers enhanced security
You could use that to (1) identify abused user accounts with the reporting features and (2) place API limits on that user or instance
You could do some things with server side scripting and the 2.0 open source product. For example counting user login attempts and implementing progressive delays or account lockout
a simple solution is enforcing strong passwords in the signup process