When someone tries to reset our password, be it ourselves or third parties, the IP address of the requestor of the password reset is sent to our inbox with the password reset email. LoginNotify should do the same.
I don't think there would be major privacy concerns as long as its noted where appropriate that trying to login on an account may disclose private data to the owner of that account, if that's not already covered by https://wikimediafoundation.org/wiki/Privacy_policy#To_Protect_You.2C_Ourselves_.26_Others. This will need to be checked with WMF Legal.
Similarly, unsuccessful logins should leave CU traces to prevent abuse, otherwise this feature can become a source of annoyance.
=New Notification Request Form=
Filling out this form will help developers and product people understand your idea and will provide the information required to implement it. To see examples of the types of answers required, [[ https://www.mediawiki.org/wiki/Help:Notifications/Document_a_new_notification_type#Information_required | have a look at this sample form ]]. To understand unfamiliar terms, [[ https://www.mediawiki.org/wiki/Help:Notifications/Glossary | visit the glossary. ]]
==Basic information==
- **Purpose of the notification**:
- **Notification name**:
- **What triggers notification?:**
- **"Notice" or "Alert"?: **
- **Notification type (standard, bundled, expandable bundle): **
==Wording==
For a single message
-- **Header:**
-- **Body: **
For Bundled Messages
-- **Main, bundling message: **
-- **Subsidiary, bundled message: **
==Links==
- **Primary link target: **
- **Primary link label (for email display only): **
- **#1 secondary link target:**
- **#1 secondary link label: **
- **#2 secondary link target:**
- **#2 secondary link label:**
==Icon==
- **Icon name: **
- **Link to graphic/example:**