If the OEM doesn’t include this as part of their ROM Settings app, you’ll have to install a “device admin” app (docs) that will let you set this.
On an AOSP distribution I worked on, we set the device to factory reset after 20 failed attempts (not changeable to a higher value even by other device admin apps, iirc) back in 2012/13!
I don’t want to link any app here as “device admin” APIs, in the past (and in the present, too?), were a popular stalkerware vector. Such apps are readily Googleable/Kagiable/Letable/DDGable though.
Edit: @anon6884803 had a query for me:
I pointed out to @pinkandwhite that AOSP has had “factory reset on max failed password attempts” since Gingerbread / ICS.
The API documentation I shared points out that such a setting can be changed by a “device admin” app starting with Froyo (one release before Gingerbread).
And then I said, if OEMs / ROMs one might be using don’t expose this via its Settings app, one could use a “device admin” app to set this up.
I recommend being extra cautious with “device admin” apps as they’re a popular stalkerware vector.