i would like to create some members-only content (perhaps role-based), which i think i know how to do -- but beyond this my concern is people using someone else's login. that is, what's to prevent a member from giving out their login info and circumventing the registration process?
[resolved] members-only content? (4 posts)
-
-
jlink7
Posted 6 years ago #Unfortunately, nothing. People do this EVERYWHERE online, in fact, BugMeNot was made for specifically this reason.
Of course, it's not just limited to websites, either. People share gaming accounts, Napster accounts, etc.
There isn't really anything you can do unless you want to do something drastic and monitor IP address to restrict a login to a specific IP or range of IP addresses.
-
thanks for the info jlink. that sucks but what can you do...
-
The sites that deal with this sort of problem most frequently are, not surprisingly, porn sites. Username sharing there is fairly rampant.
The most effective solution, as I understand it, is to have your login scripts record username + IP address + datetime of login. If a single username logs in from too many different or widely spaced apart IP's in too short a timespan, the username gets blocked/cancelled. Alternatively, the username gets its password changed and the legitimate user must contact you to get the new password.
You could probably use IP-to-Geo services to get an idea of distance between logins and, using this, perhaps work out an algorithim to detect when a user has shared his login info.
Topic Closed
This topic has been closed to new replies.
