Currently, biometrics are disabled after three failed attempts. However, if you turn the screen off and then on again it will accept biometrics as usual. This seems like it could be a bug or security flaw.

    vontroxler I may be wrong, but I believe it is 5 attempts before it disables biometrics. There are 3 attempts before it prompts for your PIN/password, but you can go back and try a further 2 times.

    EDIT: Here, I found the documentation regarding this. It is 5 attempts in total.

        roamer4223 Yes, I just tested this and you are correct. Thank you. I'll have to remember to use lockdown mode instead of trying to disable biometrics intentionally if I'm ever in a situation.

            vontroxler Of course it depends on the situation in question, but if you want to protect your data as much as possible, you could turn your phone off. That will purge the encryption keys from memory, reducing your attack surface a lot. As far as I understand anyway, there are far more knowledgeable people here.

            Edit: that is another benefit of user profiles, if you end session of a user profile, it puts the data of that profile back at rest while your phone remains on.