is there really no "build in" way to lock an mysql account (I use 5.7.15 on Debian) after a configured number of failed login attempts?
is there really no "build in" way to lock an mysql account
Not that I know off but you can get it done using application logic. That's: have a bit column named IsLocked bit and a RetryCount INT column. In your, application, check if it's subsequent login attempt and if it's then increase the RetryCount column.
Once, RetryCount column reaches to 3 (per your need) update the table set IsLocked column to true.
So, any login attempt after that; just check if the IsLocked column is true and if yes then deny the login and throw validation error message to end user.