You can configure the POA to lock out a user that provides the wrong mailbox password too many times. For more information, see Section 15.3.5, Configuring Intruder Detection.