this would require hand coding to accomplish and is not supported.
you would need to create a table that would store the user name entered and time of login attempt, when the login fails use an insert record behavior to store the time and user name.
on further login attempts, using a recordset, you could count the number of records for the user name entered , and return the time of the first failed attempt. using the information returned from the recordset, you could reject further login attempts.