Been thinking about how to best handle this next time.
Instruct them to perform a password reset and ignore further pleas for help?
Ask them to describe something about themselves (other than location or email address)?
Made me think that it might be a good idea to incorporate some required security questions at registration. These questions would be hidden but viewable by an admin and could be used as a challenge when someone reaches out for manual help.
Anyone experience this or have other ways of dealing with the situation?