Information
Set the count of maximum failed login attempts before the account is locked out
Multiple account login failures for the same account could possibly be a threat vector trying to brute force the system or cause denial of service. Such attempts to brute force the system should be limited by locking out the account after reaching a threshold.
http://pubs.vmware.com/vsphere-65/topic/com.vmware.vsphere.security.doc/GUID-DC96FFDB-F5F2-43EC-8C73-05ACDAE6BE43.html
Solution
From the vSphere Web Client select the host, click "Manage" -> "Settings" -> "System" -> "Advanced Sytem Settings". Enter "Security.AccountLockFailures" in the filter. Click edit and set the value for this parameter to 3.