The asp.net membership has the mechanism that it locks out a user's account if he/she tries to authenticate themselves with false password five times, by default, or within 10 minute window. The locked user can then not login.
In the MembershipUser class there is a public method UnlockUser() that you can call for any username to unlock the user, this will reset their LastLockOutdate field etc and allow the users to login using the same password.
MembershipUser user = Membership.GetUser(username);
I just came across this problem and found this solution and thought it would be a great help to others also.