An account lockout policy will lockout an account after a certain number of failed logon attempts. So if a user is trying to guess your password, the user account will be locked out for a certain amount of time after they have reached the number of allowed failed logon attempts.
If you want to Enable Account Lockout policy In Vista follow this procedure
Click Start —>Administrative Tools—>Local Security Policy.
Select Account Policies—> click on Account Lockout Policy from left pane and double click Account lockout threshold from right pane
Increase the value to the number of failed logon attempts you want to allow.
This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon attempts. If you set the value to 0, the account will never be locked out.
Failed password attempts against workstations or member servers that have been locked using either CTRL+ALT+DELETE or password-protected screen savers count as failed logon attempts.