For added security, it would be useful to be able to only allow particular users to login from white listed IP addresses.

• "Restrict login to Piwik only from these IP addresses" would be a global setting that would restrict all logins to a particular IP address.
• "Restrict a particular username to login from these IP addresses" would be a setting, per user, optional, that would restrict login by this username.
  • UI: maybe we could extend the 'User Settings' mechanism , to also let Super User edit settings for other users.

Notes:

• When a user goes to the login form, or tries to login, and the IP is not whitelisted, display a message "Access to this Piwik server is restricted. Please contact the admin to ask them to white list your IP address. more"
  • Learn more link goes to a FAQ on Piwik.org, explaining the WhiteList feature, and also explaining "How do I disable IP whitelisting?"
  • This would help a Super User deactivate the IP white listing feature, if he is locked out.
• UI: Ips will accept ranges, similarly to the "Ips to exclude" in the Websites settings.