Feature Request: Temp. Blacklist Source IP on X invalid login attempts for PIN/Password

[m0nji]

I dont see this at the Roadmap but it would be nice to have this Feature for PIN and Password Authentication.
Right now, someone could try the PIN/Password without any Limitations? So it would be nice if for example, after 5 invalid Login Attempts, the Public Source IP will be blacklisted for 24h. This makes it much harder for an hacker to compromise the Authentication Layer.
Of course, a configurable Login Attempts and Time for Blacklist would be great.