If user enters invalid password it is stored in passwd file:

%USERPROFILE%\AppData\Local\Atlassian\SourceTree\passwd

It is never corrected if the user later enters the correct password.

Suggest purging the hash stored if login fails.

Note: I tried to put this as a bug but the fields don't show up when I select Issue Type bug.