- Username changed
- Email address changed
- Added/removed from a user group
Then having a change history tab under the "Edit User" page showing the user change history.
A perfect example of this would be when a user account gets stolen (from being phished or something). If we know what their previous email was, we can just roll back the email, reset the password and send them a new email confirmation. But restoring a stolen account gets a lot more difficult when we can't confirm the email address was actually changed or what the previous email was.
IP logging of the important changes ont he account is nice for tracking down people who are phishing multiple accounts.
You would be amazed at the number of users we run across that claim other user's accounts were stolen and that we should change the email to a different email for them... when in fact they are trying to steal someone else's account.