- every time a new session is opened in bitwarden from a new device
- every time a session is opened from a country/region different to the usual one. The second phase would be to add this feature: Restrict account access to certain countries/IP ranges - #9 by l0rdraiden
- every time there are X consecutive login attempts failed from the usual country.
- every time there is a failed login attempt from a country that is not the usual one.
- every time the password is introduced succesfully but the session fails because the 2 step verifications fails or is not used. (Someone knows your password but wasn’t able to login due 2FA)
The email will contain all the information available about the attempt like the IP, time, browser, location, etc. In addition there should be a log in the web interface to see all the details of the sessions and login attempts