If you run JIRA on Oracle database it's not possible to set Maximum Authentication Attempts Allowed to Unlimited.
You will be able to set in the UI, but then it will go back to 3 (the value taken from jpm.xml).
This is because Oracle stores empty string as nulls and a null here causes JIRA to use the default value.
Setting this value to unlimited on any other database (like PostgreSQL) stores an empty string there (and then JIRA will pick up an empty string and translate it to Unlimited correctly).
Set Maximum Authentication Attempts Allowed to a really high number.