I must admit, employing inconvenient tactics to minimize the sharing of website accounts usually does more harm than good. It's hard enough to attract and keep loyal customers even when interfaces are very easy to use and convenient. Add inconvenience, and, in most cases, users will simply not put up with it.
I suggest providing incentives to *not* share accounts. For example, at Ancestry.com where I pay over $200 a year for full access to all the genealogy databases and other resources, I am tempted to share my account with friends and family. But Ancestry.com sends a lot of messages to the e-mail address registered with my account as part of the functionality of several features. Since the friends and family I would share with do not have access to my e-mail account, they cannot use these features as effectively. Also, it's very annoying when I receive e-mail messages referring to other people's ancestry.com searches that they perform with my account. So, I have a strong incentive to *not* share my account. Now, imagine if, by loggin in, friends and family could see sensitive information? ...or change the password, cancel the account, upgrade to more expensive levels of service with stored credit card info, etc. Now there's an even stronger incentive to *not* share my account. And you could even take this a step further... Implement a multi-step login. When someone logs in, send a verification code in an e-mail message to the address registered with their account. Require the user to enter the verification code in order to proceed. Make the verification code so that it (1) only works for 15 minutes and (2) only works with that particular browser session; this will keep users from sharing verification codes. Once the code is entered, set a cryptic cookie to confirm the user in the future and bypass the verification process. Then, in the future, if the cookie is not detected, send another e-mail and require a verfication code again. If the cookie is detected, then the user will not have to be inconvenienced. The down side to my solution is that users will switch to a more user-friendly competitor if one exists. But if you don't have competitors, or if you have exclusive content users can't get elsewhere, or if the content demands this kind of security, then it would be worth a little inconvenience, and users might even appreciate the extra level of security. Just an idea. Hope it helps. - Vieth > -----Original Message----- > From: jenksonu [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 30, 2004 9:33 PM > To: [EMAIL PROTECTED] > Subject: Re: [ASP] Logging website visitor information > > Thoughts that ran through my head ... > > 1. If your not going to help in this forum, take your mouse > pointer and stick it where it does some good. > > 2. You found a life slamming people in forums. > > Have a nice day and thanks anyway. > > > --- In [EMAIL PROTECTED], "David Smart" > <[EMAIL PROTECTED]> wrote: > > Thoughts that ran through my head ... > > > > 1. Get a life! :-) > > > > 2. Make your membership terms attractive enough that members will > not bother to share passwords. > > > > 3. The stuff you're collecting will not tell you whether members > are sharing passwords anyway. IP addresses of machines > change regularly (for dial up users at least) and there's no > reason why a member shouldn't use more than one machine > anyway. (On a regular basis I access the web from any of > four machines at home, three of the same machines at work - > but with different IP's because of a different ISP - and two > other machines at work. Different IP addresses - but same me.) > > > > Dave S > > > > ----- Original Message ----- > > From: jenksonu > > To: [EMAIL PROTECTED] > > Sent: Thursday, July 01, 2004 8:15 AM > > Subject: Re: [ASP] Logging website visitor information > > > > > > Membership tracking > > To keep members from sharing passwords! > > I would like to get more information to catch members cheating. > > > > > > --- In [EMAIL PROTECTED], "Shawn K. Hall" > > <[EMAIL PROTECTED]> wrote: > > > Hi Dennis, > > > > > > > Useing ASP I'm already logging > > > > Time, Date, IP, Host, Browser information, Opp System > > > > > > How about URL? And why not just parse the raw server logs? > > > > > > > > > > What else could be logged from a website visitor? > > > > > > Ethically? I think you're going too far already. > > > > > > What is the purpose of your logs and how will they be used? > > > > > > I've seen it happen that people initially just start collecting > > > information that nobody really needs (like IP/Host/Browser/OS) > then > > it > > > gradually becomes a subversion of that information - STILL not > > really > > > necessary - but collected and accounted beyond the needs of the > > > business and wasting resources to do it. > > > > > > Seriously consider *why* you're collecting this information > before > > you > > > dedicate your resources (time, manpower, processor, disk space, > and > > > ram) to it. Are you really wanting to have to provide completely > > > irrelevant reports to your boss (mind you most of that data can > be > > > faked) from now 'til doomsday? > > > > > > Regards, > > > > > > Shawn K. Hall > > > http://ReliableAnswers.com/ > > > > > > '// ======================================================== > > > "The time has come," the Walrus said, "To talk of > > many > > > things: Of shoes and ships and sealing wax, of cabbages > > > and kings, and why the sea is boiling hot, and whether > > > pigs have wings." > > > -- Lewis Carroll > > > > > > --- > > Outgoing mail is certified Virus Free. > > Checked by AVG anti-virus system (http://www.grisoft.com). > > Version: 6.0.711 / Virus Database: 467 - Release Date: 25/06/04 > > > > [Non-text portions of this message have been removed] > > > > ------------------------ Yahoo! Groups Sponsor > --------------------~--> Yahoo! Domains - Claim yours for > only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/17folB/TM > -------------------------------------------------------------- > ------~-> > > -------------------------------------------------------------- > ------- > Home : http://groups.yahoo.com/group/active-server-pages > --------------------------------------------------------------------- > Post : [EMAIL PROTECTED] > Subscribe : [EMAIL PROTECTED] > Unsubscribe: [EMAIL PROTECTED] > --------------------------------------------------------------------- > Yahoo! Groups Links > > > > > > > ------------------------ Yahoo! Groups Sponsor --------------------~--> Yahoo! Domains - Claim yours for only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/17folB/TM --------------------------------------------------------------------~-> --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages --------------------------------------------------------------------- Post : [EMAIL PROTECTED] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/active-server-pages/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
