I tried setting xmpp.auth.retries. I then attempt to login with incorrect password multiple times and reaching the limit that i set in xmpp.auth.retries. I do not see any effects.
Is there any other way to acheive locking out users after X failed attempts? I am not using LDAP.