Up until now, the only safeguard against the cookie-stealing vulnerability has been mega-mod, which allows an Admin to do admin actions in the forums w/o worrying about his cookie being stolen and used to access the CP.
Instead of having to use mega-mod, it would be great if there were a mod that simply checked the first x digits of the IP address of the person trying to log in to the CP, to see if it matched the IP on record for that Admin.
Granted, the last few digits of an IP change from time to time, but the first x digits are usually pretty much the same. And if the Admin's IP did ever change, he could always go into FTP and make the necessary adjustments.
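
An added sketch of the check requested above (not part of the original post, and not code from any forum package): it compares the leading network bits of the login IP with the IP on record rather than the leading characters, because a character prefix such as `203.0.11` also matches `203.0.113.x`. The function names, the `/24` default and the sample admin record are assumptions made for illustration.

```python
import ipaddress

# Constructed sample record: admin name -> IP on record (documentation range).
ADMIN_IP_ON_RECORD = {"admin1": "203.0.113.57"}


def naive_prefix_match(recorded: str, current: str, digits: int) -> bool:
    """Literal 'first x characters' comparison, shown only for contrast."""
    return recorded[:digits] == current[:digits]


def network_prefix_match(recorded: str, current: str, prefix_len: int = 24) -> bool:
    """True if both addresses share the same leading prefix_len bits."""
    try:
        rec = ipaddress.ip_address(recorded)
        cur = ipaddress.ip_address(current)
        if rec.version != cur.version:
            return False  # never compare IPv4 against IPv6
        # strict=False lets us derive the network from a host address.
        net = ipaddress.ip_network(f"{rec}/{prefix_len}", strict=False)
    except ValueError:
        return False  # unparsable address or bad prefix length: deny
    return cur in net


def allow_cp_login(admin: str, current_ip: str, prefix_len: int = 24) -> bool:
    """Extra gate for the control panel, applied on top of the normal
    cookie/password check, not instead of it."""
    recorded = ADMIN_IP_ON_RECORD.get(admin)
    if recorded is None:
        return False  # no IP on record: fail closed
    return network_prefix_match(recorded, current_ip, prefix_len)
```

A shorter prefix tolerates more address churn for the Admin but also admits more of the same provider's customers, so the length is a trade-off set per Admin.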