More thoughts... The first thing that comes to mind on the server-side would be a block by IP. If they can log in from the same LAN on a different computer/device then that's not it. That could be verified by connecting the computer to a phone hotspot, changing the user's source network/IP. - Jeff