lock the application role if users enter wrong password more than three times

I have a winform C# application which uses sql server 2005 express.

I am using application role to grant user to access the database.

A Form opens asking for username & password from the user.

This username & password is of the application role which i have created beforehand in a database.

I want that if the user enters wrong password or username more t开发者_开发百科han 3 times then the .net application shows that your account has been locked and exits. how do i do it?

Why not use Windows Authentication? I've never used an application role.

Every user would have the same username and password with application roles...

Edit:

You can use SQL Server logins and enforce password lockouts via group policy. This means each user can have a different login