@AC
"The other issue is that it becomes possible to maliciously lock someone else's account out."
Good argument however... who says anything about the lockout having to be permanent? From a technical context it should be pretty easy to set up a system where lockout durations are set based on the time of day.
So during moments when the users are normally on-site you can set the lockout threshold a bit lower than if people are working from outside the office. Even then you could apply some flexibility; 3 times wrong and you're locked out for an hour. After that hour another 3 times would result in a permanent lockout.
There's no "one size fits all" here, but flexibility should definitely help to make this easier on the users.