I’m seeing on my forum this bug was never fixed 
The suspicious logins report seems to only apply to staff members, is there a reason these logs need to be kept for non-admins?
For the report to work, does it need data from the beginning of the account’s history? Can the log be shortened to something like the past 6 months?
Right now there is no cleanup whatsoever, which is a privacy concern.