vincent15000

How to prevent sharing a user/password account?

Hello,

I have to work on an app and my client wants to have a system to prevent sharing a unique account between several users.

Here is an example.

The society A is in 4 cities: A1, A2, A3, A4. The society A should pay for 4 accounts. But it pays for only one account and shares its user/password with A1, A2, A3 and A4. But A1 is authorized to share the codes between all employees who work in city A1.

How is it possible to detect this behavior and secure the accounts to avoid this abusive sharing of user/password?

I thought about these ways:

  • manage groups with a fixed number of simultaneous authorized connections
  • IP and geolocalization with each user/password codes
  • prevent connecting if already connected
  • disconnect the previous same user/password connected

Do you have any other ideas? Is there a reliable way to do that?

Thanks a lot.

Vincent

0 likes
3 replies
jlrdw
Best Answer

Each employee of A1 should have their own unique login but be linked to A1. You could look into allowing only one unique login at a time. Set how many A1 is authorized to have logged in. Say it is 300. If suddenly they have 600 logins you know something is not right.

2 likes
vincent15000

Thank you @jlrdw, that's effectively a good idea and it even allows a user to connect from home, that's good!

Using this way, is it possible to avoid that A1 pays for 4 distinct accounts (initially only for A1) and gives 3 accounts to A2, A3 and A4?

jlrdw

Preventing a user from giving login information to someone, there's no way.

But having extra fields in the database as needed, and allowing only one active user with a certain user name, password, and city code at a time would be a big start.

Also you could do it via license so A1 has to pay for X number of users. A2 pays for z number, etc.

This boils down to listening to duplicate logins, which the system shouldn't allow.

3 likes
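
The approach from the answers above (one login per employee linked to their branch, one active session per login, and a licensed number of concurrent logins per branch), as an added Python example that is not code from the thread. The `SeatRegistry` class, its field names and the in-memory storage are assumptions standing in for the app's own sessions table.

```python
import secrets
import time
from dataclasses import dataclass, field


@dataclass
class Session:
    token: str
    user: str
    org: str
    ip: str
    started: float


@dataclass
class SeatRegistry:
    """In-memory stand-in (assumption) for a sessions table keyed by user and branch."""
    seats: dict                                   # org -> licensed concurrent logins
    ttl: float = 1800.0                           # sessions older than this free their seat
    active: dict = field(default_factory=dict)    # user -> Session (one per login)
    events: list = field(default_factory=list)    # audit trail for later review

    def _expire(self, now):
        for user, s in list(self.active.items()):
            if now - s.started > self.ttl:
                del self.active[user]

    def login(self, user, org, ip, now=None):
        now = time.time() if now is None else now
        self._expire(now)
        previous = self.active.pop(user, None)
        if previous is not None:
            # Same credentials used again: the older session is revoked and logged.
            self.events.append(("evicted", user, previous.ip, ip))
        in_use = sum(1 for s in self.active.values() if s.org == org)
        if in_use >= self.seats.get(org, 0):
            self.events.append(("seat_limit", org, user, ip))
            return None
        session = Session(secrets.token_urlsafe(16), user, org, ip, now)
        self.active[user] = session
        return session

    def is_valid(self, token):
        return any(s.token == token for s in self.active.values())

    def eviction_count(self, user):
        return sum(1 for e in self.events if e[0] == "evicted" and e[1] == user)
```

Repeated `evicted` events for one login from different IP addresses, or a steady stream of `seat_limit` events for one branch, are the signals to review.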
