There are numerous reasons why there should be a way to limit user access to one login per one user at a time.
Assume you are in a computer lab and you are conducting a controlled quiz using Moodle. Currently there is nothing to keep students from paying another student to take the quiz for him. All he would have to do is share his login credentials with another student and the other student could answer the quiz questions, giving credit to the cheating student. The teacher may be able to catch him by looking at the IP addresses of the students, but that assumes that he has a reason to check, and knows how to do it.
Or, if a student is careless with his login credentials, another student could login, while the student is logged in, and do malicious things to disrupt the progress of the careless student. I am sure you can think of many more such scenarios that could be prevented with some logic that would provide more login security.
There is also the problem of security for proprietary content. In my case, I am developing a desktop application that has Moodle incorporated into it. We use Moodle to manage the course instructional content and in the lessons, we include links to the desktop application to provide real time adjudication of a musical performance. The link in Moodle will open a musical exercise in the performance application that uses microphone input to help students learn musical skills. If you would like to see it work, check out my profile.
Since this is a private development (for profit), we must block multiple users from logging in using the same username and password. The code hack I have running in Moodle 1.9.9 works by logging out user 1 if user 2 logs in from a different computer. So if user 1 neglected to log off and then logs in from another computer, there is no problem because his first computer will log off automatically. Also, I am using the cron job to logout a user if he is inactive for 20 minutes. And we have developed a way to trigger the require_logout function if the user just closes the browser without logging out.
But if user 1 is surprised that he got logged off, he should assume that someone else has his login credentials and he should log back in and change his password as quickly as possible. My code hack also limits the login time to 2 hours in an effort to prevent a teacher from buying one login and then allowing multiple students to use it during the day. Also, this way we can control cost by limiting server
time and bandwidth usage.
The only problem with this code is that it will require you to login twice to get in from another computer. I found the idea for this code hack in another forum (forgot where) and then I expanded it to do what I needed. I don't yet know if it will work in Moodle 2.0.