Azure AD B2C does provide password blocking. The logic and duration are not direct, "block X minutes with exponential recharge after failed password attempts." There is an intelligent and evolving algorithm that takes into account many other signals to eliminate the ambiguity between bad actors and mistakes and other favorable scenarios.
Read more about Azure AD B2C threat management documentation