I think it’s mostly intended for remote access like when SSH’ing in, it locks up after too many bad attempts.
When you have physical access a lot of security stops being relevant. Although for users with full disk encryption, that’d also force the attacker to wipe the keys in RAM so it’s still got some value.