Recently I logged into my account from a different location as to where I usually play. My girlfriend and I were playing at her house for a few days, and then we went back to my Parents house. When we both tried to log in, we got a "Due to suspicious activity your account has been suspended" message.

I think that its great that you have such a feature, but forcing us to change our password every time something like this happens is very drastic.

The way the system should work, is it should email you a confirmation to log in to your main email address. From there, you need to follow a unique link to allow you to log in, and then you can attempt to log in again.

as follows:

System detects different location > System suspends account and sends confirmation email > email confirmed > log in will be successful with correct details.

I suggest doing it this way, because people aren't always playing from a single location (LAN parties for example, people who travel a lot, etc).. It is a lot of hassle to change your password every time this happens.

and if a hacker has access to your email then they can go through the change password process and gain access to your account anyway, so therefor this system isn't very good.

If this is in the wrong section, my apologies.