Edit: It just occurred to me that if someone lost control of their mining address' private key, they wouldn't be able to sign a message with it to prove that it belonged to them. Still, I'm curious to know how such an issue could be resolved here; it wouldn't be ideal to have someone's subsequent payouts sent to a black hole or a thief.
There's a cyclical problem there - if you can't prove you own the address, then even if the payout was just disabled, the pool could wrongly be withholding someone else's valid reward. Private keys are everything with address based payouts I'm afraid. Then again, private addresses with a proper bitcoin wallet are already far more secure than any web based online security.