Situation: As reported by others, there appears to be a bug that has not been documented here that causes failed authentication with a specific, but common, workflow.
- Have a picture entity (or camera?) on the screen of the device you are using (Xiomi map integration is one such example)
- Put the device to sleep (tested on phone app, but it appears kiosk devices act similarly so I would assume this also may impact computers).
- Return to the device after some time.
Of note, the above workflow was found to be an issue with nginx in use which may be a contributor to the authentication barriers.
The device will attempt to authenticate inappropriately using old credentials/tokens and cause Fail2Ban to potentially ban the device.
Users reporting this issue have suppressed notifications of failed authentications or disabled Fail2Ban which is a fairly poor workaround given the security benefit of using this.
Other notable threads which lightly touch on this (posted here as a summary of findings for easier discussion):
https://www.reddit.com/r/homeassistant/comments/udzi75/my_internal_ip_keeps_getting_banned/
Thanks for the help!