Lock user accounts after 50 rather than 100 failed login attempts.

https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698/19

debian/control

@@ -151,7 +151,7 @@ Description: enhances misc security settings
   * Abort login for users with locked passwords.
  /usr/lib/security-misc/pam-abort-on-locked-password
  .
- * Lock user accounts after 100 failed login attempts using pam_tally2.
+ * Lock user accounts after 50 failed login attempts using pam_tally2.
  /usr/share/pam-configs/tally2-security-misc
  .
   * Logging into the root account from a virtual, serial, whatnot console is

usr/lib/security-misc/pam_tally2-info

@@ -54,7 +54,7 @@ fi
 
 deny_line="$(cat /etc/pam.d/common-auth | grep deny=)"
 ## Example:
-#auth	requisite	pam_tally2.so even_deny_root deny=100 onerr=fail audit debug
+#auth	requisite	pam_tally2.so even_deny_root deny=50 onerr=fail audit debug
 
 for word in $deny_line ; do
    if echo "$word" | grep -q "deny=" ; then

usr/share/pam-configs/tally2-security-misc

@@ -1,10 +1,10 @@
-Name: lock accounts after 100 failed authentication attempts (by package security-misc)
+Name: lock accounts after 50 failed authentication attempts (by package security-misc)
 Default: yes
 Priority: 260
 Auth-Type: Primary
 Auth:
 	optional	pam_exec.so	debug stdout seteuid /usr/lib/security-misc/pam_tally2-info
-	requisite	pam_tally2.so even_deny_root deny=100 onerr=fail audit debug
+	requisite	pam_tally2.so even_deny_root deny=50 onerr=fail audit debug
 Account-Type: Primary
 Account:
 	requisite	pam_tally2.so debug