As a side note, trying various passwords doesn't strike me as a great idea either. You're basically telling the site you're trying to log into your other passwords you use, along with a username. At the very least you're revealing something about how you derive your passwords, if you have some scheme.

I'd say that if I'm not sure about the right password, it's safest to go straight for a password reset function, instead of giving all my passwords or a password derivation method to some random website.