If a user tries to login with an incorrect password multiple times, OGo can lock the account and send a notification mail.

Small question on OGo authentication:

Is it possible to limit the number of failed login attempts?

Yes, should work. Functionality is enabled using the default:

HandleFailedAuthorizations [YES/NO]

Other relevant defaults:

MinutesBetweenFailedLogins [minutes: def 15]
FailedLoginCount [number of attempts per timeframe]
FailedLoginLockInfoMailAddress ['from' field of the Lock-Info Mail: def 'root']

Does it work with LDAP?

Yes, it should work with LDAP authentication. Just give it a try and if does not work, post an enhancement request in Bugzilla.

Source

The sourcecode for the failed-login feature is in OGoContextManager+FailedLogin.m and needs quite some cleanup ...