It's possible to lock out administrator's account with unsuccessfull authentication attempts.
vulners.com/securityvulns/securityvulns:doc:10662