User sents invalid credentials too many times in a row.
Did you check this via a tcpdump? (UI > troubleshooting > packet tracing > parameters: -s 0 -i any > reproduce the problem)
You may also check:
I unable to find the why getting lock out issue again & again also I have follow the above document but unable to find exact issue.
So request you to kindly let us know can we create logs file for one user for badpassword.