After 15 failed login attempts, users are locked out of the system for 10 minutes. This is a security measure to prevent hacking of the portal.
During the lockout period, users will not be able to request their password and/or username. After the 10 minutes are up, users can continue attempting to login and request their password.
As an administrator, you do not have to do anything about the lockout, but if you notice a large amount of lockout alerts, please alert Web Services, US to the suspicious behavior.