The application does not show the user the time, date, or source IP address of the last time they logged into the application. Showing this information to the user is a best practice that allows them to discover and report possible account compromise. Users that check this data can compare the last made account login attempt time with the last time they tried to log in. If there is a discrepancy, they can alert the application’s security administration team.
Provide users with an ability to detect possible compromise of their account by displaying the timestamp and IP address information related to their last login attempt.