Users/requesters - which "bit" counts as the identity?

Users/requesters - which "bit" counts as the identity?

A long time requester who was in a senior position at one of our clients has left and joined a competitor.
 
If we just change his contact details (telephone, email address etc) am I correct in assuming that he will still be able to see the requests that he placed from his old position when he logs in to the portal? Or does the account identity centre around the email address, or the login name or...?
 
Which items do we need to change to prevent a user accessing the old data?
 
Thanks - Terry

        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                        Related Products