This sock locks out your account after 5 missed logins. For people who haven't come to the site in a while or who haven't had their account for long are likely to have this happen. This is a broken and flawed policy. Nobody is going to hack an account in 5 tries. Absolutely only 5 tries will impact valid users trying to login.
This policy is bad because it locks out legitimate users
This policy is completely useless as nobody will be able to hack an account in 5 tries
Upping this to something like 20 login attempts would keep the same level of security and make the site a lot more user friendly