Hello,
We have implemented authentication requirement (from page properties -> advanced -> Authentication Requirement) for some of our sites and added Custom User Group so that only users part of that group can access the site after successful authentication.
The solution does not prevent users from trying as many attempts as they want. This may lead to brute force attack where attacker can try as many combinations for a user and get access to the secured site.
Is there any OOTB feature for locking out users based upon some number of unsuccessful authentication attempts? We can reproduce the same in author environment (though author is accessible by company network only) as well which requires login before updating any content.