Last modified: 2011-03-13 18:06:34 UTC
Given the high number of compromised accounts at en.wikipedia, I think that the following is a good partial solution:
On the preferences, allow a user to have the account locked to all IPs but the ones on a list which the user can edit. Automatically have any recent IPs used by the user be on the list, to make it easier for a user who doesn't know all of his/her IPs. Allow the use of ranges.
Seems to be basically the same as bug 9837, except looked at from a different angle (list maintained by user instead of general sysops; whitelist instead of blacklist). This way is probably not as good an idea, given that people might lose control of their IP addresses and be unable to log in again without sysadmin intervention.
Marking WONTFIX per bug 9837 and especially per comment #1.