In order for the lockout feature to actually lock somebody out they have to get their username (or password) wrong multiple times.
If someone is consistently getting their login details wrong, then in normal security practice this should sound alarm bells because you are most likely dealing with someone who is illegitimately trying to log in.
All of your suggestions are fine but they also open up more security holes because we would be making exceptions for people who can't remember their own account details.
Having said that, we still want to think about this more carefully to see if there are ways to cater for what you are all asking for but with the least security compromises.
(Don't forget, that the administrator can easily unlock any user by clicking the "unlock" link in the table which lists locked out users in the lockout settings page)