If a user has a certain number of consecutive unsuccessful log in attempts, the user's login is disabled.

You define the number of unsuccessful login accounts allowed on the Password Policies form in Settings > Security > Password Policies. After a user successfully logs in, the login attempt count is reset to zero. When a user is disabled, the system administrator must re-enable the user's login.