Use DPM's counter for invalid password attempts

Currently Keyguard uses separate counter for invalid password attempts
that is not persisted and is always initialized to zero after boot,
so if the user made several attempts and rebooted the device, the
device will show more allowed attempts before wipe than actually
available. The counter is also incorrectly reset to zero when
fingerprint is used successfully.

With this CL the same counter is used for that message and for actual
wipe triggering, it is persisted and is not reset upon reboot or
fingerprint authehtication.

Counting failed password attempts should be available in DevicePolicyManager
even without PackageManager.FEATURE_DEVICE_ADMIN.

Test: manual, tried using fingerprint and rebooting.
Bug: 112588257
Change-Id: I1f4012a95c6f6758885206f69e7ebe2c3704a567