Hello Sistania,
It is possible for a Millennium domain to experience “global” CAPTCHAs if it comes under attack; every user would be forced to solve a CAPTCHA every time they log in. It is certainly possible that this specific user is being purposefully/correctly CAPTCHA’d due to repeatedly providing incorrect passwords, in which case it would be possible to unlock them using Cerner tool (or, simply wait 24 hours).
Thanks,