Stop people sharing accounts
- Thread starter sherbetdipdab
- Start date
You can stop more than one person being logged in at any one time on the same account, that may help. Could go one step further and temporarily ban an account that was used in more than one location at the same time. You'd have to be pretty careful though, I'd be pretty annoyed if I got banned from somewhere because I was logged in on my laptop and phone at the same time.
Upvote
0
I could be logged in at home then trundle off in the car and login on my phone. So you can't track by IP or limited the number of logins.
I might be visiting a friend, or away on holiday so you can get a whle bunch of different IP's in use.
I could even download the page/product and give it to my mate.
What you are asking is really difficult without a lot of backend technology. If you have your own server you might be able to do some clever tracking but it's not easy.
The two step verification is viable - but is really annoying if people dip in regularly. And if you ask for a phone number to make the verification, it still doesn't stop my mate using his phone.
I might be visiting a friend, or away on holiday so you can get a whle bunch of different IP's in use.
I could even download the page/product and give it to my mate.
What you are asking is really difficult without a lot of backend technology. If you have your own server you might be able to do some clever tracking but it's not easy.
The two step verification is viable - but is really annoying if people dip in regularly. And if you ask for a phone number to make the verification, it still doesn't stop my mate using his phone.
Upvote
0
The simplest way would to be use an app based 2-factor authentication, such as Google Authenticator which generates a unique code each time the user logs in.
In reality the question you need to ask is whether the effort of integrating the app outweighs the perceived losses of shared accounts.
In reality the question you need to ask is whether the effort of integrating the app outweighs the perceived losses of shared accounts.
Upvote
0
This.
If it really is viable to do still, you'd need to also use 2FA with constant logging out of the service once the session has expired (so no 'remember me' for user convenience).
If you wanted to then be super strict on it, you could display warnings when you track multiple login attempts from IP addresses that appear to be miles apart. So not actually preventing anything but scaring them into knowing it's against the rules and your account might be removed etc.
Upvote
0
A
arnydnxluk
I own an online game with a similar problem. It's against the game rules to share your account with someone else, or to operate multiple accounts. However there's nothing I can technically do to prevent a determined user from sharing their account with someone else. For example Player A could enable Player B to access Player A's computer remotely to play the game, and on the server side it would look just like Player A is playing the game themselves. Likewise there's nothing I can technically do to prevent a determined user from creating multiple accounts. I can however stop most users, as your typical user is not familiar with web technology and even those who are familiar aren't usually experts. Therefore doing things as simple as setting a long-standing cookie and then preventing second registrations from a device which already has this cookie in place is enough to prevent most cases of cheating. It does get a bit more advanced than that but like I say, in reality, a determined user can get around anything - that's just the nature of the web.
So, technically, there's nothing you can do. Once someone has access, any data can be saved as redistributed as they please. Realistically, for something like a newspaper, most people just want to read the paper through the official websites and apps. Therefore you don't need to worry about the edge cases so much. You can put "roadblocks" (as I like to call them) in place, e.g. logging in destroys existing sessions for the same type of device, and that will cover the most common problems you would typically run into from a technical point of view (e.g. customers sharing logins).
To really discourage users wanting to steal your content you mostly need to focus on the non-technical aspects: is your service compelling enough that customers won't want or need to share access? If your price is too high, more users will try to avoid paying it. Take the music industry for example, now that unlimited music streaming is available and affordable, most people no longer bother to pirate music, whereas a couple of decades ago pirating was becoming the norm for people acquiring new music. Likewise if you have features in a mobile app (for example) which requires a valid login (which can only be used on a single device at a time) then users will need to pay to access those desired features (vs. just having for example downloadable PDFs which can be redistributed much more easily). To give an example with the game I mentioned, the game is designed where possible to create little advantage for those who create multiple accounts, therefore while it's technically possible to circumvent all "roadblocks" to create multiple accounts, it's usually not going to benefit the user much.
Short version - put a couple of technical roadblocks in to prevent redistribution but place most of your efforts into discouraging account sharing etc in the first place. Make sure you have a compelling product at the right price.
So, technically, there's nothing you can do. Once someone has access, any data can be saved as redistributed as they please. Realistically, for something like a newspaper, most people just want to read the paper through the official websites and apps. Therefore you don't need to worry about the edge cases so much. You can put "roadblocks" (as I like to call them) in place, e.g. logging in destroys existing sessions for the same type of device, and that will cover the most common problems you would typically run into from a technical point of view (e.g. customers sharing logins).
To really discourage users wanting to steal your content you mostly need to focus on the non-technical aspects: is your service compelling enough that customers won't want or need to share access? If your price is too high, more users will try to avoid paying it. Take the music industry for example, now that unlimited music streaming is available and affordable, most people no longer bother to pirate music, whereas a couple of decades ago pirating was becoming the norm for people acquiring new music. Likewise if you have features in a mobile app (for example) which requires a valid login (which can only be used on a single device at a time) then users will need to pay to access those desired features (vs. just having for example downloadable PDFs which can be redistributed much more easily). To give an example with the game I mentioned, the game is designed where possible to create little advantage for those who create multiple accounts, therefore while it's technically possible to circumvent all "roadblocks" to create multiple accounts, it's usually not going to benefit the user much.
Short version - put a couple of technical roadblocks in to prevent redistribution but place most of your efforts into discouraging account sharing etc in the first place. Make sure you have a compelling product at the right price.
Upvote
0
A
arnydnxluk
Also to give a very quick idea in relation to the provided newspaper example: you could give your readers the ability to save articles to read later, to customise which news categories they see when first logging in and to customise which news categories they want to receive push notifications for. These are features which simply aren't effective on a shared account, therefore anyone wanting to take advantage of them needs their own account. It's less forceful but considering you can't stop a determined user from sharing content anyway, this is usually the best way to go about it in my opinion. Not the best examples but hopefully gives a better idea of what I mean.
This is probably why the likes of Spotify offer a family subscription for £15. They know most customers aren't willing to pay £10 x 5 for a family of 5 and they know many customers will share accounts even if it means only one person can listen at a time, therefore they come up with a product at a compelling pricepoint to solve the issue for users while increasing their revenue.
What type of subscription service are you offering / planning on offering?
This is probably why the likes of Spotify offer a family subscription for £15. They know most customers aren't willing to pay £10 x 5 for a family of 5 and they know many customers will share accounts even if it means only one person can listen at a time, therefore they come up with a product at a compelling pricepoint to solve the issue for users while increasing their revenue.
What type of subscription service are you offering / planning on offering?
Upvote
0
- Original Poster
- #12
Thank you everyone, especially @arnydnxluk !
Mike, thanks again for the time you put into helping on this. Really useful stuff. I think we'll go for this plan...
Thanks again everyone
This is a great point
Mike, thanks again for the time you put into helping on this. Really useful stuff. I think we'll go for this plan...
Mainly documents to support small businesses.
Thanks again everyone
Upvote
0
Latest Articles
-
What I Wish I'd Known Before Using AI in My BusinessSomewhere between the headlines promising AI will transform everything...- Ozzy
- Updated:
-
Is AI Making the Internet Worse?It started with a comment about music. @JEREMY HAWKE , a courier...
- Ozzy
- Updated:
-
The AI Divide: What UKBF Members Really Think in 2026Every few months on UK Business Forums, a thread appears that refuses...
- Ozzy
- Updated:
-
When the Algorithm Gets It Wrong: What eBay's AI Moderation Problem Tells Us About Platform RiskA thread appeared on UKBF this week that, on the surface, looks like a...
- Ozzy
- Updated:
-
Should you crowdfund? A framework for UK founders in 2026Three articles into a series on what crowdfunding actually costs, the...
- Ozzy
- Updated: