Is there a way to lock out an account if I enter in a wrong password X number of times?

Yes this is possible by adding the following attributes to the SQL Provider:

maxInvalidPasswordAttempts

passwordAttemptWindow

 

Since this only affects IdSrv, you can update the IdentityServer.exe.config as per Microsoft documentation:

https://docs.microsoft.com/en-us/dotnet/api/system.web.security.membership.maxinvalidpasswordattempts?view=netframework-4.8

 

Note:  We do not have a way to automatically unlock the user account, nor do we notify the user that their account is locked out during the login process.

However, if they request to reset their password by using the trouble signing in link their account will be unlocked.