This article will how you how prevent members from logging in to the same account with the same credentials.
Understanding the Default Setting
By default, concurrent logins are possible. That means multiple users can enter the same email and password and stay logged-in at the same time. In some circumstances (e.g. a team of remote workers), concurrent logins might be a desirable setting. It all depends on your needs, but the good news is you can enable and disable that setting as required. Here's how.
Preventing Concurrent Logins
- Go to your Memberstack dashboard.
- Click Settings on the side menu.
- Scroll down to the Other heading.
- Switch on the Disable concurrent logins toggle.
A popup window displays.
- Read the terms (it lets you know that all logged-in users will be logged out if you proceed).
- Check the box to proceed.
- Click Confirm.
- Click Save on the next page.
- Note To enable concurrent logins, switch off the toggle and click Save.
The Result
Let's say User A logs in to an account.
- Ten minutes later, User B logs in to the same account with the same ID and password.
- Memberstack automatically logs out User A.
- Ten minutes later, User A logs in with the same credentials.
- Memberstack automatically logs out User B.
The most recent login instance is active. The older login instance is logged out.
That's it.
Now you know how to enable and disable concurrent logins.
Comments
10 comments
You are amazing guys ❤
Thanks PieBlc12 😊
Hello,
If two people are connected on the same IP, do they get disconnected ?
Thanks
William de Broucker I checked with Tyler and he says:
"If they are logged in with two different emails on the same IP address they won’t be disconnected.
If two people are logged in with the same email, whoever logged in first will be disconnected.
Thanks ! I'm using a lot of iframe in my website so i'm afraid that will create a disconnection 😵💫
If a same people logged in with the same email but different browser, the first browser will be disconnected?
Yup! The first browser would be disconnected.
Hello Duncan from Memberstack,
Can this feature be limited only to heavy users ? (I could flag them manually with a custom field if needed)
Thanks
William de Broucker That's not a native option yet, but that is an interesting feature request.
I wonder if this could be achieve via custom code... imagine a code snippet which saves the most recent X login attempts to JSON. The details here would be up to you but here's an example... if all 10 logins happened in the last 5 minutes then you could automatically log them out. And display a message which says "Too many login attempts. Please wait 5 minutes before trying again."
And if you want to limit this to just a few users you can only run the script if they have a particular plan or have a certain custom field set to TRUE, for example.
Yes that would be great ! cc. Raquel Lopez
Please sign in to leave a comment.