[eluser]Nick_MyShuitings[/eluser]
Hehe...
Even though you didn't ask a question... (@smilie - I like the abundant smilies in your post... fitting)
You should be able to modify your login function and have it kill the session for that user if you are using db session. Ie, as it creates the new session for the user, it could check if there is already a session for that user at a different IP, and delete that db entry.
As long as your auth library is checking the session, the next time they attempt to do anything at the old computer they should get rerouted to the logon screen.
Interesting in that I can't believe I never thought of adding this to my auth class.