How about adding a “Deny location” Feature to your account settings?
When someone tries to log in on your account, that you of course didn’t authorize, you can deny it. Permanently.
And while you’re at it, why not take it a step further and add the ability to block the entire region/country from accessing the said account?
This could help to keep accounts safer, but how it would be done, I’m not entirely sure, this is just something that’s crossed my mind.
if anyone would like to add input, please, do so. I’d love to hear suggestions.