Add a section under each user for trusted IPs and or networks
So webconfig can lock down host and admin pages per network but it doesn't do it per user, also having to edit the webconfig to lock it down makes it less than desirable. So my idea is the following.
Call the section Trusted Hosts (or something) and if it is filled out, the user can only log into the site if they are on those networks. One of the main reasons I would like to see this is for the administrator accounts that aren't used for much be locked down to internal IPs or specific external IPs to prevent hack attempts.
I'd like this as well, not to have the accounts bypass MFA but allow login at all from a defined set of IPs (with MFA as well)