We had since deleted the affected user (they didn't have any data anyway) and had them sign-up using SAML.
I went ahead and had another user try the switch and it worked just fine for them. This sounds like a one-off scenario at this point, so I will mark this as solved. I appreciate your reply!
One thing I do wish was possible though is to convert a user back to e-mail authentication if they are locked out. I saw the Platform CLI commands, but it seems to_auth does not support e-mail. Just something I wanted to note.
Thanks!