The maximum number of incorrectly entered user data is 5.
Each next incorrect login attempt after exceeding the maximum of 5 attempts shall lock user account for 10 minutes.