I wish there was a way to cap the lockout time.

It makes sense for 4 digit codes, but I have a 20ish character password, I once locked myself out, and it was an incredibly frustrating experience.

My password can't be brute forced even with offline access to the hash, there is no risk of it being brute forced from keyboard input.