Site owners - When do you terminate a member who you think is password sharing?
 

When you think someone has shared a password, do you email the person first and ask about the issue or do you just terminate him/her? I have strongbox and I can tell when a member has many different IPs have accessed the site. Some I have let slid, others I have flat out terminated. It depends on how I'm feeling that day. However, I really don't want to lose their business as these people could keep rebilling for 6 months as far as I know. Also, I know many of these people use the same login info on multiple sites, so haxorz can access sites using their info without the member knowing. So, what to do?

Thanks in advance!

Eric

I let proxxypass block them for 10 days, if they email me and ask why they can't access we tell them why and ask them to change there un and pw, if it gets hacked again after then we know there sharing and leave them blocked

How many IPS per day - per week?

We use software to handle that as well.

Cool. Thanks. I'll let them know they need to change their username and password and keep an eye on them after that. It varies on the ISPs.. 3-10 in a week or day.

What about the issue of charge backs? Do you refund or have you not had a chargeback issue with password sharing people?

We just let iprotect do its job. If only a few people are sharing, it would still be worth it to me to keep getting the rebill.

They are blocked as soon as they show up from different IP blocks. The system auto blocks them, and changes their password.

If it happens again, they then have to call or write and ask, "what up" personally.

I let proxypass block them too

proxypass, when 3ips are logged, block for 24hours, change pass to some d5FGfds1va6 and email to member, if it will continue do this three times and then say sorry to him cause his email or computer is hacked and that can be danger for your or your members security

I think that banning paid members is a bad idea. First of all, the same person can log in from home, then from work, then from laptop via wi-fi. If you want, you can ban these members automatically. As a result, your site's reputation will fall down, and there will be someone why may post messages on various forums and blogs that you are scam. I think that notifying these members by email about changing and not sharing their passwords is the best solution.

If they bandwidth-suck, its termination time.

And don't let them tell you, "I'll be baaack" or let them convince you that you have to "Come with me if you want to live."

Termination. T-1000 style.

This is very true. Just because they login from a few different IPs doesn't necessarily mean that they are sharing. :2 cents:

If it walks like a duck and talks like a duck its probably not a chicken ...

If someone is just logging in from multiple ip's the downloads should be random, sporadic and average ... if a password has been shared or hacked you'll notice different movement in that account. I'm not sure if pennywize is still available for lease but it has a download counter for each user/pass that shows you who has downloaded what. Its not hard to spot the cheats if you have the right data.

bump for good topic!

I use strongbox.. I check my logins all the time. With password leaks I first make sure the account should still be active (that does happen). If it's a leak I change the password and email the member a simply email that says we changed the password, and here is the new login details.

If the account re-leaks (very low %) and the account is a fresh cancel, I kill the access. If it's an old account I select a new hard password, from here if a re-leak happens again I cancel and close the account.

I check all failed password logins, and email the member a notice on why they are having login problems. I email 80% to the 20% that ask for help.

From here I check every login that takes place, since I can see every country/ip, anyone that has more than 2 logins from a different country/isp/ip I email a new password.

i just change the password to there street address on file if they think ya know where they live they aint likely to do any shit
email them with a nice email saying ya password was changed for security reasons blah blah

lol that's (evil) genius! :thumbsup

I have a new password for the members.

You can spend a lot of time looking for password share'ers..
They get a email after they get blocked to change it..after the third time and warnings..we ban them!

it depends on how much they downloaded, how different their IPs are and also if the customer is and old one and might come back or rebill.

I'd re-enable the user can change the password only, not the user name, once
and email them the new password, telling them to be sure to keep it safe.
If the new password gets out on the password sites I'd probably cancel them.
I might give them one more chance. If a total of three different passwords of
theirs get out I'd figure they were giving it out and get rid of them.

One thing to be aware of, though, is password file ripping. If a LOT of passwords
get out at about the same time, a cracker probably found a hole in some PHP
script and downloaded your whole password file. That happens a lot if you use
the old DES encryption that was for so long the standard way to encrypt passwords.
That's not the user's fault, of course. In that case I'd upgrade the encryption, which
we can help you with, and assign new passwords to the affected users.

Normally I wouldn't change someone's user name, only their password, so it's
easy to see later if the same users password keeps getting out.