LDX Design
  • WordPress LMS Themes
  • Free WordPress LMS Plugins
  • Video Hosting
  • LearnDash Mobile App
  • BuddyBoss Platform
  • BuddyBoss Services
  • LearnDash Services
  • WordPress LMS Themes
  • Free WordPress LMS Plugins
  • Video Hosting
  • LearnDash Mobile App
  • BuddyBoss Platform
  • BuddyBoss Services
  • LearnDash Services
Free SVG Patterns by SVGBackgrounds.com

How to Prevent Students from Sharing Login Information

By Dave Warfel

On February 23, 2019

In Tutorials

Affiliate Disclosure: We may be compensated if you use our links to make a purchase. We are extremely selective in who we partner with & only recommend products we believe in. Our affiliate relationships do not influence our recommendations.

In today’s world, shared accounts are commonplace. I bet if you asked 10 friends if they’ve ever used someone else’s Netflix or Amazon account, at least half would say yes. That might not be a huge deal for a company as big as Netflix—with 138 million paid subscribers (source) and $15.8 billion in revenue in 2018 (source)—but for your small business selling online courses, it matters.

You’ve worked hard to create an online course that provides value to your students. The last thing you want is for students to share login information with a friend, who then gets to take your course for free.

This article will outline how you can prevent students from sharing login information for your LearnDash site (or any WordPress membership or LMS). So far, I’ve identified three different solutions, which I’ll outline below:

  • Only allow one login per account, at a time – prevents simultaneous logins, but is more of a deterrent than a complete solution
  • Enable two-factor authentication (2FA) – a stronger solution that makes it more difficult, but still doesn’t completely prevent it
  • Social login – require a user to connect via Facebook, LinkedIn, Google or another account that they wouldn’t want anyone else to access

NOTE
There is no guaranteed way to prevent multiple students from sharing login information. You can make it more difficult, but you can’t completely prevent it from happening.

Should You Prevent Students from Sharing Logins?

Before implementing a solution, I encourage you to consider if it’s worth it. I understand your desire to get paid for your work. You’ve spent hours creating awesome content. You deserve to be compensated and not taken advantage of.

But did you ever wonder why even the biggest online giants (Google, Netflix, Amazon, Spotify, etc.) don’t prevent the sharing of login information?

They certainly have the resources. They could probably have it up-and-running in half a day. And yet, while most of them employ some form of advanced security (email notifications of suspicious logins, security questions, backup phone numbers, two-factor authentication, etc.), none of them completely prevent anyone from sharing login information.

I suspect there are at least two reasons, both of which you should consider for your LMS:

  1. They want you to be able to login from anywhere, at any time (because we travel, and demand convenience). How would they truly know if it’s you trying to login, or one of your friends?
  2. They want logging in to be as easy & seamless as possible, so that you come back and use the service. If you had to go through extensive verification every time you logged into Amazon, would you find somewhere else to shop?

Hopefully, you’ve given it some thought. If you’d like to explore the options, here we go…

☝ Only Allow One Login Per Account, at a Time

This method will prevent simultaneous logins with the same account. A student could still share their login information with a friend, and as long as the real student is logged out, the friend could log in.

If your courses are released on a specific schedule, or only run for a short period of time, this could be an excellent option. Because all students need to complete the course at the same time, this method would only allow one person to be logged in, taking the course, at a time.

LearnDash Integrity Add-On

LearnDash released an official add-on called Integrity. This add-on has several features, but the one that relates to this topic is the “Prevent Concurrent Logins” feature.

The idea is to only allow one person to login with the same account at a time. If someone is already logged in, and another person tries to use the same username/password from a different device, they are not allowed in.

You can enable this only for certain user roles, so you can exclude admins if you’d like.

In theory, this is great, however, the Integrity plugin has not worked as expected since its initial launch. There have been multiple reports of Administrators being locked out of their accounts, as well as other small bugs. Because of these things, I cannot currently recommend using the Integrity add-on.

If you’re curious how it works, you can learn more here.

🚷 WP Bouncer Plugin

WP Bouncer plugin

For this method, we’ll be using the free WP Bouncer plugin.

  1. Install & activate the plugin
  2. That’s it! There are no settings.

The WP Bouncer plugin will take care of everything behind the scenes.

  • User A logs in as “student”
  • User B then also logs in as “student”
  • The next time User A tries to load a new page, they are kicked out
  • User B continues to use the site
  • If User A logs back in again, User B is kicked out

They could continue this pattern indefinitely. I think the idea is to show both users (the paid student & the “free friend”) that it’s not worth it. They’ll keep booting each other out and neither will be able to use the site freely.

Of course, if they communicate their schedules, and make sure one is always logged out before the other logs in, they’ll be able to get around it. Thus why this is more of a deterrent than a complete solution.

Options & Filters

By default, the user who gets kicked out will see a warning message:

WP Bouncer warning message

However, if you know how to use WordPress hooks, there are a few filter hooks available.

  • ignore admins (allow admin accounts to be logged into simultaneously)
  • custom redirect URL (upon logout)
  • change the number of simultaneous logins allowed

📋 WP Activity Log

A similar but more powerful option to WP Bouncer is to use the WP Activity Log premium plugin. With WP Activity Log, you can decide how many simultaneous user sessions are allowed at one time (customizable by user role), or simply block multiple sessions altogether.

There are a few added benefits of using this plugin:

  • You can terminate anyone’s session with the click of a button
  • You can view all actions that a user has taken on the site (which pages they’ve viewed, when they last logged in, etc.)
  • You can allow admins or group leaders to share accounts but prevent students from doing so (or customize this however you’d like using different user roles)

Plus you’ll get tons of other features that you might find useful for a membership or LMS site. Check out WP Activity Log →

📱 Enable Two-Factor Authentication (2FA)

A slightly more advanced option is to use two-factor authentication (2FA). This method takes a different approach than the WP Bouncer plugin. With 2FA, each time a user tries to login to their account, they will need three things:

  • username or email address
  • password
  • a one-time, randomly-generated code sent to a single device

KEEP IN MIND
This method will make it more difficult to login—not just for the mooch who is trying to access your course for free, but also for the person who paid for it.

The additional code is typically a 4-6 character code sent via email, SMS text message, or generated via an app on a user’s smartphone. It is only valid for a very short period of time (30 seconds to 5 minutes), before a new code is needed.

There are also some two-factor authentication apps you can install on your phone, and simply tap a button to confirm your login.

Technically, a student could receive a 2FA code on their phone, and still have time to share it with a friend, who could then login. But because of the short lifespan of the code, the student and friend would need to be in immediate communication with one another.

With LearnDash & WordPress, there are multiple plugins that enable two-factor authentication. I recommend you read through the details of each, and choose the one that works best for you.

  • Google Authenticator by miniOrange – Free & premium options for most of the common 2FA smartphone apps
  • Two Factor Authentication by UpdraftPlus – Free & premium options that support Theme My Login, WooCommerce & several other plugins
  • Google Authenticator – Older, and not recently updated, but still works well
  • Two-Factor – A super-simple plugin that could eventually get merged into WordPress core. Limited options.

If you already use the premium version of either iThemes Security or Wordfence, they both offer two-factor authentication as well. You might want to consider using their options before installing another plugin.

👥 Social Login

Personally, I’m not a fan of requiring a user to authenticate with a third-party service. Some users might not have a Facebook account, or just don’t want to connect Facebook with yet another application (Facebook isn’t necessarily known for protecting your data 🤨).

However, most students would not be comfortable providing access to a very personal social media account. If you required them to connect to a social account when they log in, it’s unlikely they would share this access with anyone else.

Social Login Plugins

There are quite a few social login plugins to choose from, but I’d probably recommend this one:

  • Nextend Social Login

I haven’t personally used it, but I’ve done some research, and it appears to be the best all-around option. Please let me know if you’ve used it, or have other recommendations.

Other Thoughts/Ideas

  • 11/19/2022: Facebook post

I certainly realize the desire to prevent the sharing of login information, but you should consider if it’s worth the added frustration it could cause to your actual students. If you decide to implement something, keep a close eye on any student feedback you receive.

If you have another suggestion for how to prevent multiple logins on the same account, please share it in the comments.

Login

Previous

How to Award a Certificate on Completion of Multiple Courses (Certification Track)

Next

Design Upgrade Pro: LearnDash 3.0 Compatibility Is Here 🎉

8 Comments

Add Comment →

  1. Will

    Great post! Very useful! Congrats.

    April 21, 2019
    Reply
    • Dave Warfel

      Glad you found it help, Will. Have you implemented one of these solutions? I’d love to hear about how it’s going for you, or if you’re getting any student feedback about it.

      April 21, 2019
  2. Callum

    Hey Dave, im just wondering if any of those solutions to restrict simultaneous log-ins by allowing 1-login at a time allow me to cap it at 2 logins at a time? Do you know if there is any functionality to allow that? Thanks heaps for your great work on LD. Callum

    February 2, 2020
    Reply
    • Dave Warfel

      Yes. The WP Bouncer plugin allows this. You can use the wp_bouncer_number_simultaneous_logins filter to allow a defined number of active “sessions.”

      They link to this page for a code example, but it requires a paid account on Paid Memberships Pro. You might be able to hire a developer to write some quick code for you, or scan through the plugin files until you find the filter, and if you research how to use WordPress filters, can probably figure out how to write the code. It should only be a few lines of code.

      February 2, 2020
  3. Saidi

    thank you for awesome advice. is there any option of protecting my content by imitating how AntiVirus software works? if user has already used the code to access the content it will be active only for that particular device for a certain period of time , is there this option?

    February 17, 2020
    Reply
    • Dave Warfel

      Nothing that I know of off the top of my head. But if something like that exists, I would look at membership and/or content restriction plugins, like Restrict Content Pro, MemberPress, etc.

      February 17, 2020
  4. Mauricio Gil-Angove

    Hi there! I use learndash and my question is: When a student take a certificate, how can this student share this certificate to Linkedin from my website?

    May 4, 2020
    Reply
    • Dave Warfel

      This is not a feature of the core LearnDash plugin. You might be able to do it with custom code but I have no idea how.

      May 11, 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

LMS Tutorials & News

  • Example LearnDash course grid carousel on mobile

    Create a Carousel for LearnDash Course Grid & Lesson List

    April 2, 2025

  • LearnDash 4.15 Design Features & Design Upgrade Plugin Compatibility

    May 9, 2024

  • BuddyBoss vs. BuddyPress: What’s the Difference?

    May 1, 2024

  • 13 LearnDash Alternatives: LMS Plugins & Platforms with Similar Features

    May 1, 2024

  • How to Downgrade/Rollback Your LearnDash Version

    April 18, 2024

Related Content

How to Set Up LearnDash Login Redirects

Do you want to redirect your users to a specific page when they login to your LearnDash site? There are several ways to set up the LearnDash login process, and they all have different approaches to where they send users...

Limit the Width of the LearnDash Login Modal

If you’re using LearnDash’s login modal, you might feel as though it’s a bit too wide. If you aren’t also using the free registration part of the modal, then the login form takes up a lot of space on the...

LDX Design

LearnDash tutorials, reviews, and comparisons with other WordPress LMS platforms.

Contact Us →

Favorite Products
  • Kinsta WordPress Hosting
  • Rapyd BuddyBoss Hosting
  • GeneratePress Theme
  • Elementor Site Builder
  • Uncanny Toolkit for LearnDash
  • Uncanny Automation Plugin
  • BuddyBoss Social Learning Platform
  • Kinsta WordPress Hosting
  • Rapyd BuddyBoss Hosting
  • GeneratePress Theme
  • Elementor Site Builder
  • Uncanny Toolkit for LearnDash
  • Uncanny Automation Plugin
  • BuddyBoss Social Learning Platform
LearnDash Resources
  • LearnDash Plans/Pricing Explained
  • LearnDash Web Hosting
  • LearnDash Video Hosting
  • LearnDash + BuddyBoss
  • LearnDash Blocks & Shortcodes
  • LearnDash Focus Mode Guide
  • LearnDash Course Grid Guide
  • LearnDash Plans/Pricing Explained
  • LearnDash Web Hosting
  • LearnDash Video Hosting
  • LearnDash + BuddyBoss
  • LearnDash Blocks & Shortcodes
  • LearnDash Focus Mode Guide
  • LearnDash Course Grid Guide
LMS Platforms
  • 7 Free WordPress LMS Plugins
  • The Best WordPress LMS Themes
  • LearnDash vs. Teachable
  • 7 Free WordPress LMS Plugins
  • The Best WordPress LMS Themes
  • LearnDash vs. Teachable
Services
  • LearnDash Customization
  • LearnDash Consulting Video Calls
  • BuddyBoss Customization
  • LearnDash Customization
  • LearnDash Consulting Video Calls
  • BuddyBoss Customization

Escape Creative, LLC  ©  2019-2025. All Rights Reserved.

Privacy Policy   /   Cookie Policy   /   Contact Us

 

Loading Comments...