So it sounds like the SessionID is the best mechanism to track repeat visitors because even if 'LastLogin' was updated in the database, it wouldn't be very useful in the short-term.
Does this mean that the only solution would be to compare each user's current SessionID against their previous SessionID which we'd have to store somewhere in the database? If they're different we'd update the SessionID and increment a counter.
But what bothers me is that it seems I'd have to perform this check on every page since a user could theoretically re-enter the application on any page following an expired session.
I could use my 'BasePage' class which all other pages inherit from to make this check, but doing a DB query for every user and every page request seems like a whole lot of DB access. Is there any more efficient way?