diff --git a/axes/handlers/database.py b/axes/handlers/database.py
index b97c0c3..aa82919 100644
--- a/axes/handlers/database.py
+++ b/axes/handlers/database.py
@@ -125,6 +125,7 @@ class AxesDatabaseHandler(AbstractAxesHandler, AxesBaseHandler):
                 username=username,
                 ip_address=request.axes_ip_address,
                 user_agent=request.axes_user_agent,
+                defaults={"failures_since_start": failures_since_start}
             )
             # Update failed attempt information but do not touch the username, IP address, or user agent fields,
             # because attackers can request the site with multiple different configurations
@@ -136,7 +137,8 @@ class AxesDatabaseHandler(AbstractAxesHandler, AxesBaseHandler):
             attempt.post_data = Concat("post_data", Value(separator + post_data))
             attempt.http_accept = request.axes_http_accept
             attempt.path_info = request.axes_path_info
-            attempt.failures_since_start += 1
+            if not created:
+                attempt.failures_since_start += 1
             attempt.attempt_time = request.axes_attempt_time
             attempt.save()
             # Record failed attempt with all the relevant information.