limit users that Have entered password wrong for 3times

Question

i have a login page that users can enterd username and password i hide the div that has textbox content i know my method is very bad but i dont have beter solution .someone can help me how i do when a user enter pass wrong for more than 3times?i wanna do this work with c# code no client side and with jquery.

  $.ajax(
  {
      type: "POST",
      url: "loginpg.aspx/loginmtd",
      data: JSON.stringify({
          username: username,

          password: password

      }),
      contentType: "application/json; charset=utf-8",
      dataType: "json",
      async: true,
      cache: false,
      success: function (ret) {
          if (ret.d != "" && hasError == false) {
               $(".error").hide();
               hasError = true;
               $('#result').after('<span class="error"> welcome  ' + ret.d + '</span>');

          } else if (hasError == false) {
               $(".error").hide();

               hasError = true;
               if (failcount < 3) {

                    $('#result').after('<span class="error">password is wrong' + ret.d + '</span>'); 
                    ret = "";
                    failcount += 1;
               } else {
                    $(".hid").hide(1000);

               }
           }
       },
       error: function (x, e) {
           hasError = true;
           $('#result').after(x.responseText);
       }
  });

Answer 1

Although it's technically possible to stop a user after 3 failed attempts, as jeschafe says once the browser is refreshed or a new window opened they can try again. The block needs to happen on the server side and not client side using jquery.

On another note, this means your username and password data is client side too? I'm sure there are extra security risks with this too.