Authentication limit

Greetings,

Is there any way to limit login attempts, basically three attempts and then login timeout?

Right now login is made using local (hard coded users in file), but soon plan to migrate auth to AD.