By default users can login into WordPress at the same time from multiple locations. When you have a membership website this can hurt your profit because users can share their credentials with each other and pay for just one subscription. Fortunately we can stop this with a simple plugin.

WordPress and User Sessions

Before fighting the problem let’s have a look how WordPress handles authentication and handles the user sessions of logged in users. Like many other online applications WordPress uses cookies to identify of a user is logged in or not, these cookies don’t contain your password but instead contain your username and a special signature key that WordPress uses to identify you had a successful login.

Let’s assume you access your website from a public location, e.g. a library. If you click the “Remember Me” check box then anyone from that computer can login into the WordPress website as well as from any other computer (WordPress allows the same user to be logged in from multiple locations).

Knowing that the same user can be logged into WordPress from multiple locations using the same credentials you can see why this can be harmful from a business perspective, special if you run a membership website where you offer premium content. Users could simply sphere their credentials with their friends, colleagues, etc. who will access your membership website for free.

Stop Concurrent Logins and Password Sharing in WordPress

The first thing you will need to-do to stop users having concurrent logins is to install and active the Prevent Concurrent Logins plugins. It’s a pretty straight forward plugin that works out of the box, so once installed you are good to go.

You can test the plugin pretty easy by yourself also, open your WordPress website in two different browsers on your computer (or use the private/incognito mode of your browser). When you login into your site with a username and password it will log you in successfully however if you try to login again, in another browser, the plugin will terminate the first login session and will show the login page again.