So webconfig can lock down host and admin pages per network but it doesn't do it per user, also having to edit the webconfig to lock it down makes it less than desirable. So my idea is the following.
Call the section Trusted Hosts (or something) and if it is filled out, the user can only log into the site if they are on those networks. One of the main reasons I would like to see this is for the administrator accounts that aren't used for much be locked down to internal IPs or specific external IPs to prevent hack attempts.
Customer support service by UserEcho