I have Login Limits Blacklist Threshold set to 1 and a lockout time for 60 minutes (yes, I know it's risky).
I logged into my site from a remote location to force a lockout. I was locked out, but the IP address was not added to the Ban Users list and I was locked out for far less than 60 minutes.
I looked at my htaccess file to see if there was anything that might affect things. It's enclosed here: