how to prevent shared password

I am an ASP programmer. Using ASP when a person logs in I would set an application object. and have that object contant the value of the users IP address. Then have my security check for the application object. If it ='s the users IP then they would not be interupted. however if the object exsisted and the ip didnt match then they would get bumped saying account already in use. to clear it.. have a script when the persons session ended to clear the application object.

That only works if they've broadband.

Why would that only work for broadband? Only broadband people have IP addresses now adays?

well, yes.

dialup use rotating IPs. Actually, my broadband (DSL) uses rotating IPs as well.

Since IPs are finite...

Suzanne

but your ip doesnt change during the session. if you disconnect, and redial you may get a new ip, but it's not like it just changes on a whim.

lol, very true -- imagine how exciting it would be if we had rotating IPs! Ack!

I was thinking more of sharing but not concurrently. Thanks for the clarification.

Suzanne

Dial Up = New Ip every Time you sign on
Broad band = Static IP addy unless you're using aol then it's just like dial up.

I am interested in this thread because I just started a membership site. I'm ready to shut it down too. Already I have situations were members appear to be sharing their accounts. One lady said she travels and uses MSN from different locations. However, all of her logins indicate UUNet, Qwest and Sprint has accessed her account. Does MSN biggyback with Qwest and Sprint? I've ran this question past a friend who has had a membership site for years and he said he's never seen these three ISPs piggyback before. Anyone else know? I should note that the system specs are the same on all her logins whether or not that really says anything, who knows. Any help you could advice would be appreciated.

When travelling, various ISPs "rent" lines from other providers to supply service for their customers.

And I have broadband, and I do not have a static IP. IPs are limited, not infinite. Unless you pay for a dedicated line and a static IP, you will have whatever IP is available when you log in. If you log out and in (I put my comptuer to sleep nightly so it doesn't remain connected when I'm not using it), you may get a different IP.

Even "always on" connections will reset and you may get a different IP if you have to, say, reboot to install software, or have a power outage.

Also, many people use more than one computer to access the internet.

eg) work and home, hotels, i-cafe, etc.

So what is the answer then? How can I prevent people from sharing their membership passwords?

You can't.