function limit_login_attempts_idc() {
    $attempt_login = get_transient('attempt_login');

    if (false === $attempt_login) {
        $attempt_login = array();
    }

    $ip = $_SERVER['REMOTE_ADDR'];
    $attempt_login[$ip] = isset($attempt_login[$ip]) ? $attempt_login[$ip] : 0;
    $attempt_login[$ip]++;

    set_transient('attempt_login', $attempt_login, 60);

    if ($attempt_login[$ip] > 2) {
        wp_die("You have exceeded the maximum number of login attempts. Please try again in 60 seconds.");
    }

}
add_action( 'wp_login_failed' ,'limit_login_attempts_idc');