Warning if logged in from new device/location (like Google Devices & Activity section)

Is there any package that sends a user an email if he (or a hacker) logs on from a different device or location?

For example like:

If there is no package for this

Accounts.validateLoginAttempt (function(attempt) {

would print out:

connection:  clientAddress:
		     user-agent: Macintosh; Intel Mac …  Chrome…
		     accept-language: de-DE, en-US, …

If you save that to a collection or to the profile you could be able to that with meteor. A’m I right?

You can probably just push that to an “approved devices” field with some kind of sendApprovalEmail extension on accounts.

Accounts.validateLoginAttempt(function (attempt) {
  if (attempt.user.locked) {
    attempt.allowed = false;
  if (!_.contains(attempt.user.approvedDevices, attempt.connection)) {
    attempt.allowed = false;
  return attempt;

Accounts.sendApprovalEmail = function (userId) {
  const token = Random.secret();
  Meteor.users.update(userId, {
    $set: {
      locked: true,
      'services.password.approve': {
        token: token,
        when: new Date()
  const user = Meteor.users.findOne(userId);
  Email.send(user.emails[0], {
    from: 'Accounts security',
    text: `Please visit this link to verify your account ${Meteor.absoluteUrl('verify_account/' + token)}`
1 Like

Thanks! I will try that out.