Bad password attempts are incremented using Outlook Anywhere with Basic authentication.

 

Consider the following scenario:

Outlook 2010 using Outlook Anywhere with Basic Authentication.

Connecting through ISA 2006 or TMG servers.

You have configured Account lockout threshold to a nonzero value.

If the user types the logon password incorrectly when authenticating through Outlook Anywhere.

The active directory user account may be locked out from the Windows domain.

Solution:

Description of the Outlook 2010 hotfix package (outlook-x-none.msp): February 22, 2011
https://support.microsoft.com/kb/2475877

Update Center for Microsoft Office, Office Servers, and Related Products
https://technet.microsoft.com/en-us/office/ee748587.aspx

Consider the following scenario:

Exchange 2007
Windows Server 2008 Service Pack 2

Outlook 2003 or Outlook 2007/2010 using Outlook Anywhere with Basic Authentication.

You have configured Account lockout threshold to a nonzero value.

For every bad password attempt made by Outlook Anywhere user.

The bad password attempts are incremented twice.

The issue occurs because the authentication module that supports Basic authentication tries to log on two times for each unsuccessful logon. The basic authentication module first treats the logon credentials as having the Unicode encoding. When Windows rejects those credentials, the basic authentication module tries again by treating the credentials as having ASCII encoding. This causes two logon failures for each unsuccessful logon.

Solution:

FIX: You receive the error message "HTTP Error 401.1 - Unauthorized" sooner than expected when you try to log on to an IIS 7.0 Web site by using invalid credentials
https://support.microsoft.com/default.aspx?scid=kb;EN-US;981280