Kcheckpass has code to throttle the invocation to prevent brute force
attack. This code has been broken for years and is never executed.
The condition to go into the throttle path is if the effective uid
doesn't match the uid, that is kcheckpass is a setuid application.
But for a few years now kcheckpass is no longer a setuid (at least
when built with PAM).
Given that I don't think it makes sense to still have this code
around. We don't know whether it works and kcheckpass is only to be
invoked from kscreenlocker_greet anyway.