Another point I want to ask to everyone here
Why there is not authenticity check when the user logs in from a different country in a day's time or even whenever he logs in from a different country rather than his home country.?
This is a very important point to consider, but I expect the default response from the platform will be that they allow the use of a VPN and therefore the IP used can change several times per day.
This is not an acceptable excuse of course, even if using a VPN there should be at least a warning message in the email that you are logging in from a different IP. This will make you verify your account immediately.