Brute Force Mechanism disables user?

I am running a 21.0.5.

After a user changed his password and a device tried to log in with the old one several times, the brute force mechanism kicked in. Now this user was disabled somehow.
Does the brute force mechanism do such thing? And if so, can this feature be disabled?

Try searching the forum for how to do this. You’ll find the solution using keywords. This should help you get started: