Azure Active Directory smart lockout
Please enable AAD Smart Lockout to enable users without an Active Directory to meet NIST AC controls for unsuccessful login attempts.
Cloud-Only User accounts in the Azure Government do not lockout as per our organization security policy/guidelines. Policy requires 3 failed attempts to lock users out. Request to have this feature available in Azure Government.