Hi! Is there any type of limit to the number of units that can log in for a specific paying member on a ghost site? Or is there any other way of battling account sharing? Thanks in advance from a complete rookie. :)
/David
Hi! Is there any type of limit to the number of units that can log in for a specific paying member on a ghost site? Or is there any other way of battling account sharing? Thanks in advance from a complete rookie. :)
/David
Magic links (like 2FA) are generally a nuisance for account-sharers, because the account holder has to forward the magic link to the friend trying to log in.
Soā¦ if youāre self-hosting, you might look at changing the expiration on the cookie issued by Ghost to require more frequent logins. Iām not sure if thereās a config setting that does that - one isnāt jumping out at me, but if you can edit the code, you should be able to change it. Update: Itās hard coded: Ghost/ghost/members-ssr/lib/members-ssr.js at main Ā· TryGhost/Ghost Ā· GitHub - thatās the file youād need to change in the Ghost core.
If you donāt want to touch the Ghost core (for good reasons like having to deal with updates), or if you need something to work in managed hosting, thereās a ālog out of all devicesā option on each memberās page. You could write some automation that uses that endpoint to log out each member every so often (a few days? a few weeks?). Your non-sharing members will probably also hate that, unfortunately, but itāll be a real pain for the sharers.
Reality check: If your content goes out over email, itās hard to prevent the recipient from just forwarding it, so before you do anything from the list above, it may be worth thinking about ways in which users might be sharing. Adding friction to only one route may not be very effective.