When creating a component, most source types require a user name and password but it is not validated until a new version is added. If you mistype the password, or it changes, and you have auto add versions enabled, SDA will continue to try and use the bad password until eventually the account is locked out. Adding the ability to validate the user credentials from the create component screen would help.