Random Access ID
A random access ID could be securly transmitted between the client and the server. An external listener would have more difficulties to record the access log.
Log Not Matching
There is an access log available, on the client and the server, but they don't match.
Explicit Control
The user can check his access logs at any time.
Lock Access
The access can be locked manually by the user or automatically, when the access logs of the client and the server don't match.
Access Log
Use a hash of the access log as an additional kind of password. The access log (Computer/Access Time/Access ID) is known to the client and the server. Intruders would need to listen and record the communication from the beginning.
(Re)Starting Log
Register Computers
Allow to register computers, allowed to access.
Identify Computer
Identify computers as automatically as possible.

An access log needs to start at some time. It can also get lost on the client or the server.

A smaller log can provide less security, because it's easier to observe and record.

/livcos.org/data/map/brainstorm/AccessSecurity