Hi Guys, this a transfer from the LLA support page as it looks as though this is where the issue really lies.
I logged in to one of my affected sites via a remote IP, cleared all LLA lockouts and deactivated and de-installed CAPTCHA (3.9.6). (LLA v 1.7.1)
I then logged back in to the site from the usual IP without any problem, so LLA was working fine.
I then re-installed CAPTCHA 3.9.6 (from within WordPress plugins), activated it then logged out.
I then logged back in from the usual IP and again LLA showed that it had decremented the number of remaining login attempts by 1.
I completed the login (I had LLA tries remaining) and deactivated and deinstalled CAPTCHA and logged out.
On trying to log back in without CAPTCHA 3.9.6 enabled LLA did not further decrement the number of remaining login attempts.
So, unless there is some other strange issue with the loaded plugin selection or the server platform configuration, the evidence points to CAPTCHA 3.9.6 being the issue - even after the bug fix.
It does seem to confirm that the problem is not with LLA but with CAPTCHA.
Could it be that the bug fix does not fix the issue in some circumstances or could it be that some data element in the SQL table is being set and not cleared during a CAPTCHA deactivate/deinstall cycle?