How about checking for concurrent logins? Seems to me that more often than not, if people are sharing passwords at some point they will be logged on at the same time. Then disable that account for abuse.
-----Original Message----- From: [EMAIL PROTECTED] [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, April 23, 2005 6:58 AM To: CF-Talk Subject: login issues We run a paid subscription service for students to help them pass their state and national boards. We've found that some subscribers are passing around their login info and getting into our site for free. I've tried to do an IP comparison when two users login with the same login. This is not ideal with dynamic IPs or when a valid subcriber uses a computer at work or a computer at home to access our site. There might be more to the IP sniff to make it work than I have knowledge of though. Is there a way of restricing access to x number of computers/browsers per subscriber? From my understanding it can be done with cookies - dropping a cookie on only the browsers that are to be used. But that has it's own issues like cookie deletes through computer crashes or, as I've just been told, that you can get an extension for Firefox that allows you to create and edit cookies as if they were set by the site. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:204122 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
