That is done by intent, brute force hackers will get no clue that a user name is correct.
It's intended by Mendix, but it's possible to change the default system text values @ Project -> System Texts. We did that in of our projects.
You can't change that specific error message but you 'could' change the generic sign-in failed messages from the System Texts section under Project settings. I have not tested to see if it the block message gets its text from these settings - but I'm thinking it just uses the Item 'User name/password incorrect.'