What is the best practice for resetting an invalid email address as username

Setup:

Site is for utility customers to view usage and pay bills etc.
Usernames are email addresses
Passwords can be reset by providing an email address to which a password reset email is sent
The user has both forgotten their password and no longer has access to the email address they used to register

I was considering allowing the user to change their email address, but what information should I ask for to validate the user? I've seen negative feedback regarding security question usabilty. Would it be better to ask about account information, e.g. past payments or something?

Tags: ux stack

What is the best practice for resetting an invalid email address as username

UX in 2018: The human element

Three Takeaways from the Hawai’i Missile False Alarm

UX in 2018: Content

UX in 2018: Design, Development, and Accessibility

The Power and Danger of Persuasive Design

What is the best practice for resetting an invalid email address as username

Related Posts