Lock User After 3 Failed Login Attempts

Before making any changes, back up the following files:

/etc/pam.d/password-auth

/etc/pam.d/system-auth

Edit both of the PAM authentication configuration files above and add the following line:

auth required pam_tally2.so deny=3 unlock_time=600

deny=3 : will lock the account after 3 failed login attempts.
unlock_time=600 : will unlock the account automatically after 10 minutes (600 seconds).

To see failed login attempts for a specific user:

pam_tally2 --user=username

To manually unlock a locked user:

pam_tally2 -r -u username
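
The following check is an added example, not part of the original page: it audits an edited PAM file for the pam_tally2 line above, confirming the deny and unlock_time values and that the line sits before pam_unix.so (a "sufficient" pam_unix.so that succeeds ends the auth stack before later modules run). The helper name check_tally2 and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a PAM file for the pam_tally2 lockout line.
# check_tally2 FILE [MAX_DENY] [MIN_UNLOCK] is a hypothetical helper name.
# Prints a one-line verdict; returns 0 only when the policy is met.
check_tally2() {
    awk -v max="${2:-3}" -v min="${3:-600}" '
        /^[ \t]*#/   { next }              # skip comment lines
        $1 != "auth" { next }              # only the auth stack is checked
        {
            n++                            # position within the auth stack
            if ($0 ~ /pam_unix\.so/ && !unix_at) unix_at = n
            if ($0 ~ /pam_tally2\.so/ && !tally_at) {
                tally_at = n
                for (i = 1; i <= NF; i++) {
                    if ($i ~ /^deny=/)        deny = substr($i, 6)
                    if ($i ~ /^unlock_time=/) unlock = substr($i, 13)
                }
            }
        }
        END {
            if (!tally_at) { print "MISSING: no auth pam_tally2.so line"; exit 1 }
            if (unix_at && tally_at > unix_at) {
                print "ORDER: pam_tally2.so is listed after pam_unix.so"; exit 1 }
            if (deny + 0 < 1 || deny + 0 > max + 0) {
                print "WEAK: deny=" deny " (want 1.." max ")"; exit 1 }
            if (unlock != "" && unlock + 0 < min + 0) {
                print "WEAK: unlock_time=" unlock " (want >= " min ")"; exit 1 }
            print "OK: deny=" deny " unlock_time=" unlock
        }' "$1"
}

# Constructed sample (not a real system file) to show the check running.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed example of an edited auth stack
auth        required      pam_env.so
auth        required      pam_tally2.so deny=3 unlock_time=600
auth        sufficient    pam_unix.so nullok try_first_pass
auth        required      pam_deny.so
account     required      pam_unix.so
EOF
check_tally2 "$sample"
rm -f "$sample"
# On a real host, run it against /etc/pam.d/system-auth and /etc/pam.d/password-auth.
```

Run it against both files after editing and before closing your root session, so a misplaced line is caught while you can still restore the backups.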
