Originally Posted by CBG
I am needing some code
This isn't a wishing well for code. If you just mis-phrased your meaning, though, here's what I"m doing in a current project.
You can add a few fields to your users table and test them with some additional logic on login attempts.
And then add core values for the lockout duration (in your case, 10 minutes) and failed login max (3, in your example).
It shouldn't be too hard to work up pseudocode from that, and then to build that out into PHP.