Defines the number of attempts a user has to login to the system before their account is disabled. In setting the loginretries attribute, this ensures that a user can have a pre-defined number of attempts to get their password right, prior to locking the account.
Solution
In /etc/security/user, set the default stanza loginretries attribute to 3- chsec -f /etc/security/user -s default -a loginretries=3 This means that a user will have 3 attempts to enter the correct password. This does not apply to the root user, which has its own stanza entry disabling this feature.