Will it be possible to have a 2d check like a code you receive by email when you never connected on this computer for example ? Because i was on the website and my session expired, when i logged again i got an error message like what someone could have used my api key or something like this so i changed it. I never gave it or used it on another website so i wonder how it happened.

SgtKabukiman handles the security side of things, but somehow I don't think that will be very easy for one person to implement. :P