You could do something like that, but you'd have to write it yourself. If you want to ban IP addresses, fail2ban is probably an easier starting point. Plus users who authenticate with passwords might occasionally make typos and get banned, incentivizing better logon techniques.