Report Offensive Message

I agree that this would be the best possible security. My bank locks me out of my account if I enter more than 3 incorrect attempts over a 12 month period. To unlock, I have to ring the bank, and convince them who I am to have the account unlocked.

The only way that logon-attempt limits can be circumvented is if the database itself is stolen (which has happened), as then the hacker has unlimited attempts.