@none Welcome to our user community!
What you describe is something known as “rate limiting”. Bitwarden does implement some form of rate-limiting, although they are keeping the implementation details of such protections confidential. There have also been recent changes to Bitwarden’s handling of brute-force login attempts, and the effectiveness of these changes have recently been debated in this thread.
Based on the previous forum discussions and other publicly available information, the impression that I have personally (which is just an educated guess on my part) is that Bitwarden’s current implementation of rate limiting is primarily focused on login attempts that fail after the master password has been correctly input (i.e., when the login failures occur because the 2FA or the “New Device Login Protection” verification codes have been incorrectly input).
Unless Bitwarden is willing and able to confirm that rate-limiting and exponential back-off is used when login attempts fail due to invalid master password submissions, I think that this feature request can (and should) remain open.