Each time you login to your blog WordPress creates a session cookie which is used to authenticate you. By default if someone somehow gets your cookies he (or she) is able to use them to compromise your blog (even without having to know your password!). To prevent this you may want to make your auth cookies ip-dependent so that they could be valid only for that ip which you used during login.