Hello,
Just got done talking with support about this. If possible, I would like to add a report category for the site admin reporting area.
I would like a report of all password reset requests. Not password changes, but requests for a password reset. It would list the email address used to request the reset, the IP address the request came from, and the date/time of the event.
This can be helpful in several ways both malicious and not:
1) Allows me to periodically track when requests are made vs who completes the password change.
2) Allows me to see if one IP address is testing more than one account, and then I can investigate that IP address on our other systems.
3) Allows me to find someone who made a mistake and is having trouble with their accounts.
Right now I can only see when a password has changed. And when someone has failed to login. But there is an event that happens in between that I think can provide useful information to a site/IT admin.