Data Privacy: lock out multiple password failures


#1

Accounts should be locked out after multiple failed attempts.

Malicious actors should not be able to spam login attempts / password guesses to break in to Canary accounts.