Account Lockout & Failed Login Tracking

## Summary
Track failed login attempts and support account lockout to prevent brute-force attacks.

## Requirements
- Track failed login attempts per username in database
- Lock account after N failures (configurable on Security settings page, default: disabled / 0)
- Auto-unlock after configurable cooldown period (default: 15 minutes)
- Admin can manually unlock via user management UI
- Audit log entries for: failed login, account locked, account unlocked (auto + manual)
- Display lockout status on user management page

## Design Reference
See `docs/plans/2026-02-18-auth-hardening-design.md`

## Depends On
- Auth hardening sprint (Sprint 19)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Account Lockout & Failed Login Tracking #134

Summary

Requirements

Design Reference

Depends On

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Account Lockout & Failed Login Tracking #134

Description

Summary

Requirements

Design Reference

Depends On

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions