Hello there,
The pix should give three attempts at the password before it fails the authetication. There is no configuration on the pix to change this behavior. Howver, it seems that your description is more a function of the authentication server... If you are authenticating to a radius or tacacs server, the timeout period is probably configured there. Look into the account lockout policies on the server and see if that helps...
Marcus