This behaviour is super frustrating. When entering my password while talking to somebody else, the success rate is lower.
3 failed attempts happens isn’t hard to achieve. 10 minute lockout means you either reboot the computer (unsaved stuff / force closing is never good) or wait 10 minutes as the thing you needed to look up is forgotten, you look dumb, potentially when its actual work, 10 minutes in a real-time conversation of just leaving without any explanation isn’t very normal.
I want to change this. I didn’t find anything under /etc/pam.d/
with deny=3
or unlock_time=600
.
To be realistic, the default should also be changed. Android is 5 attempts / 30 seconds. 5 attempts / 5 minutes or 3 attempts / 1 minute sounds reasonable to me.