For security, it would be good if a user (and admin) can see a list of logged in devices with the option to log out any suspicious devices.
