
The local device could have cleared the stored password if the remote server rejected it even once.



I doubt it based on my past experience.

After I changed my iCloud email/password my phone tried to use the old one for months, and I had to escalate the issue high up Apple Support to get it fixed (you can't erase your iPhone without proper iCloud credentials if findmyiphone is enabled). That also involved my email, so it was slightly different.


Could have, and perhaps should have, but I haven't seen anyone claim that it actually does delete the stored password after a failure. And it would be awkward if the automatic backup stopped functioning and required manual intervention after each intermittent network failure. It should be fairly easy for someone with an iPhone to test and find out.


> And it would be awkward if the automatic backup stopped functioning and required manual intervention after each intermittent network failure.

But not awkward after a valid reply from the server saying "password incorrect".


Possible, but still awkward. If the network failure is between the server and the password database, it would still need to distinguish between "password permanently incorrect" and "password temporarily incorrect".

But my stronger point was that there is no need to speculate, since someone with an iPhone can verify what actually happens. Set up backups, change the password, verify that it fails, change the password back, and report what happens.


If the HTTP status code is 5xx, keep the password. If the HTTP status code is 4xx, delete the password.

Obviously making some assumptions (like HTTP, or a 5xx on network fail between internal services), but telling the difference between "user supplied bad data" and "the server messed up" really isn't that awkward at all.

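As an added illustration of the status-code rule in the comment above (this is example code, not anything from Apple or the commenter), the client below keeps the stored password when the failure could be transient and clears it only on a definitive rejection. It goes slightly beyond the bare "4xx deletes" rule: only 401/403 are treated as the server saying "that credential is wrong"; 429 and any 5xx, and a connection failure with no status at all, are retried later; other 4xx are logged as a probable client bug without discarding the credential. The `FakeServer`, `BackupClient` and `NetworkError` names and the "correct-horse" password are constructed for the example.

```python
"""Added example (not from the thread): a client-side policy for what to do
with a stored password after the remote backup service answers.
FakeServer, BackupClient and NetworkError are hypothetical names."""
from dataclasses import dataclass, field
from typing import Optional


class NetworkError(Exception):
    """Connection-level failure: no HTTP status was ever received."""


@dataclass
class FakeServer:
    """Constructed stand-in for the remote service.

    mode selects the outcome:
      'normal'       - checks the password, answers 200 or 401
      'outage'       - answers 503 (e.g. the password DB is unreachable)
      'rate_limited' - answers 429
      'unreachable'  - raises NetworkError before any status is returned
    """
    mode: str
    valid_password: str = "correct-horse"  # constructed sample credential

    def authenticate(self, password: str) -> int:
        if self.mode == "unreachable":
            raise NetworkError("no route to host")
        if self.mode == "outage":
            return 503
        if self.mode == "rate_limited":
            return 429
        return 200 if password == self.valid_password else 401


@dataclass
class BackupClient:
    stored_password: Optional[str]
    log: list = field(default_factory=list)

    def attempt_backup(self, server: FakeServer) -> str:
        """Returns 'backed-up', 'retry-later' or 'needs-login' and updates
        stored_password according to the policy described in the lead-in."""
        if self.stored_password is None:
            return "needs-login"
        try:
            status = server.authenticate(self.stored_password)
        except NetworkError as exc:
            # No reply at all: nothing tells us the credential is bad.
            self.log.append(f"network failure: {exc}")
            return "retry-later"
        if 200 <= status < 300:
            return "backed-up"
        if status in (401, 403):
            # A valid reply that rejects what we sent: stop replaying it.
            self.log.append(f"rejected {status}; clearing stored password")
            self.stored_password = None
            return "needs-login"
        if status == 429 or 500 <= status < 600:
            # Server-side or throttling problem: the credential may be fine.
            self.log.append(f"transient {status}; keeping stored password")
            return "retry-later"
        # Any other 4xx is most likely a bug in the request we built,
        # not evidence about the credential, so keep it and surface the error.
        self.log.append(f"client error {status}; keeping stored password")
        return "retry-later"
```

A real client would also want the "valid reply" to be authenticated (TLS with a pinned or properly validated certificate) before it trusts a 401 enough to throw away a credential; otherwise an on-path attacker could log the user out of backups at will.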

That's exactly what we do in one of our iPad apps.


Changing the password back from the client side is not a good test. The salt may be different, the hashing may have changed, etc.

For a real test, the server side hash must be saved and restored. Good luck.



