Hello,
I’m a bit annoyed by the frequency of these “sign-in from new location” emails. In my case I get them because my IPv6 address changes regularly (RFC4941). However the IPv6 prefix stays constant, so I wonder if the process checking the currently used IP against the list of already used IP should (for IPv6) only compare the first 64 bits instead of the whole address.
Best regards
ukleinek
1 Like
In this issue it is told about “compare IPv6 addresses ignoring the the last 64 bits”.
In fact, it could even show only the IPv6 prefix as “IP address”, it would be easier for humans to compare things in case the IPv6 prefix really changes.
(Am I wrong?)
Do you know what was done in the end?
Did they use the encrypted cookie instead of improving the IP address match?