Prevention from guessing Passwords


I’m in the process of making our RT available from the internet and therefore had to check some security stuff. As fas as I have seen this until now, there is no inbuild protection from guessing passwords like the account gets deactivated after x unsucessful logins, a timelock or something similar.

Is there any option in RT or a Plugin that allows to enable some extra security here?