Invalidate cookies on login from new location?
There's one forum I visit that (annoyingly) only allows you to stay logged in from one location. (If I log in from work and check the 'stay logged in' option, it works fine. However, if I log in from home that evening, it doesn't 'remember' on my work computer and I have to log in again. It's a vicious cycle.)
On a discussion forum, this seems a rather ridiculous policy to enforce. On an intranet site (that requires you to log in from your workstation), though, I can see the value. My question is: how would one go about setting a cookie on a user's machine that allows them to save their login credentials, but invalidates those credentials when they log in from another machine? (Force a logout on the first machine.)
Nearest I can come to simulate the effect is to save a unique number [md5(date("U"))] in the user database when they log in and store that same number in a cookie on the machine. That way, when they log in from a new workstation, it checks if the cookie exists and creates a new unique number if it doesn't. When they return to their original workstation, the system compares the cookie's unique number against that stored, sees they're different and forces the user to log back in.
The only problem I see with my work-around is that every page access would require a database query to compare the numbers. A small site wouldn't be a big deal, but surely there's a better way.
bryceowen, July 31st, 2009 10:30 AM
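
The scheme described in the post, sketched in PHP as an added example (not code from the original post): each login stores a fresh token against the user and puts the same token in the cookie, so a login elsewhere invalidates the older cookie. It swaps md5(date("U")) for random_bytes() so the token cannot be guessed from the login time; the $users array, the `name:token` cookie format and the function names are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the user table; a real site would use its database.
$users = ['alice' => ['session_hash' => null]];

/** Call after the password check succeeds. Returns the value to store in the cookie. */
function login(array &$users, string $name): string
{
    $token = bin2hex(random_bytes(32)); // 256 random bits, not derived from the clock
    // Keep only a hash server-side, so a leaked table does not yield usable cookies.
    // Overwriting the previous hash is what logs out the other machine.
    $users[$name]['session_hash'] = hash('sha256', $token);
    return $name . ':' . $token;
}

/** Call on every request with the cookie value. Returns the user name, or null. */
function currentUser(array $users, ?string $cookie): ?string
{
    if ($cookie === null || strpos($cookie, ':') === false) {
        return null; // no cookie, or not in the expected format
    }
    [$name, $token] = explode(':', $cookie, 2);
    $stored = $users[$name]['session_hash'] ?? null;
    if ($stored === null) {
        return null; // unknown user, or never logged in
    }
    // Constant-time comparison of the stored hash with the hash of the presented token.
    return hash_equals($stored, hash('sha256', $token)) ? $name : null;
}

// On a real site the returned value would be sent with, for example:
// setcookie('remember', $value, ['expires' => time() + 2592000,
//     'httponly' => true, 'secure' => true, 'samesite' => 'Lax']);

$work = login($users, 'alice'); // log in at work
printf("work cookie, before home login: %s\n", var_export(currentUser($users, $work), true));

$home = login($users, 'alice'); // log in at home that evening
printf("home cookie: %s\n", var_export(currentUser($users, $home), true));
printf("work cookie, after home login: %s\n", var_export(currentUser($users, $work), true));
```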