[thelist] Protecting a paid membership website from password sharing

[Bob Meetin]

On 08/22/2013 09:18 AM, David Kaufman wrote:
> Hi Bob,
>
> On 8/19/13 3:31 PM, Christopher Marsh wrote:
>> If it's worth people sharing an account, they will share regardless of
>> what constraints you put in place. By trying too hard to prevent it you'll
>> just alienate legitimate users, and hurt your business. An alternative is
>> to add analytics that report on whether accounts are actually being
>> shared. If they are, introduce shared accounts to your business model -
>> making it easier for people to pay to share than cheat. Treat it as an
>> opportunity, not a cost.
>
> Strongly agree.  Again, since you haven't explained the nature of the site it's hard to be specific but, as Christopher says, think of it as an opportunity to monetize your users tendency to share, rather than than "preventing them" from sharing.  The carrot could be a feature that lets them add users to their account (maybe for free, maybe for a little less than they would pay for their own accounts), and the stick could be that if they share their passwords instead, the "friends" they let in will also be able to make purchases that would be billed to the "sharer".
>
> What kind of site is it?  Is there data in the users account, that they might want to share with friends, family, colleagues, etc?
>
> thanks,
>
> -dave

I cannot discuss specifics.  Over time it will have lots of 'expensive' images (thus the disk space needs) which the business owner does not want folks sharing freely. These will be only available to paid members.  He also wanted me to find a way to prevent visitors from downloading the images - all but impossible and I've convinced him of this for some of the same reasons. More likely to tick off common members than worth attempting to implement image protection techniques that motivated pirates can easily skirt anyhow.

Data in their user account? Nothing much - too bad we cannot store bank info, social security number, credit card, paypal password, etc. that would truly discourage the behavior. :) So sad...