By Editorial Staff | Reviewed by Syed Balkhi | October 14, 2024 | Reader Disclosure
Many people share their Netflix account logins with friends. To combat excessive password sharing, online services have begun to restrict the number of devices that can access a single account simultaneously.
Numerous readers who operate membership websites and provide online courses express their concerns about the sharing of login information, as it negatively impacts their revenue. This is why they seek to implement similar login restrictions on their platforms.
This article will guide you through the process of limiting each user’s login to just one device on your WordPress site. By the time you finish this guide, you will understand how to safeguard your content and ensure that only paying users can access it, thereby helping your online business remain equitable and financially viable.
Streaming platforms are grappling with the issue of users sharing their login details. In 2023, Netflix disclosed that approximately 100 million households globally were engaged in password sharing. That’s quite significant!
A similar challenge arises for many WordPress sites, particularly those focused on memberships and e-learning. By default, WordPress allows users to log in from an unlimited number of devices and browsers at the same time.
While this might seem harmless to users, it can have a profound effect on a site’s revenue and overall user experience. For instance:
By restricting user logins to a single device, you can better gauge the number of genuine users, boost your earnings, and preserve the integrity of your content or services. Additionally, this approach ensures a fair experience for all paying customers and enhances the overall security of your site.
Limiting logins is not a matter of distrust towards users. Rather, it’s aimed at maintaining fairness on the website while ensuring its smooth operation. This ultimately benefits both the site owner and the genuine users.
The initial step you should take is to install and activate the free Loggedin – Limit Active Logins plugin. For detailed instructions, you can refer to our guide on how to install a WordPress plugin.
Once activated, the plugin kicks in immediately and restricts each user to a maximum of 3 active logins.
According to the settings, if a user hits this limit, they may find themselves unable to log in on a new device until they log out from one of their other devices. More information on this will be provided below.
Note: After logging into WordPress, users typically stay logged in even after closing their web browser. They must log out manually via the ‘Howdy’ menu located at the top right corner of the interface.
To adjust the plugin settings, navigate to Settings » General in your WordPress dashboard and locate the ‘Loggedin Settings’ section by scrolling down.
In this section, you can modify the value in the ‘Maximum Active Logins’ field to specify a different allowed number of logins.
The ‘Login Logic’ option defines the actions taken when the user hits the maximum active login threshold:
If you want to limit user logins to just one device, you’ll have to configure the ‘Maximum Active Logins’ to 1 and set the ‘Login Logic’ to Block.
Alternatively, if you are okay with users logging in from any device, as long as they are only logged in on one at a time, set ‘Maximum Active Logins’ to 1 and ‘Login Logic’ to Allow.
Remember to click the ‘Save Changes’ button to apply your settings.
The plugin also provides an option to log out a specific user from all devices. Just enter their user ID and then click the ‘Force Logout’ button.
You can discover how to locate a user ID by following our comprehensive guide on finding post, category, tag, comments, or user ID within WordPress.
It’s possible to override login restrictions for specific users or user roles.
For instance, ensuring that your site administrators and editors remain accessible without the risk of being locked out is crucial. Additionally, you may have key team members who typically operate from various computers across different locations.
To implement this, custom code snippets must be added to your WordPress theme’s functions.php file. Bear in mind that even a minor error could render your WordPress site unusable, so it’s advisable to consult our guide on safely adding custom code in WordPress.
We suggest utilizing WPCode as it provides the most secure method for incorporating code snippets, eliminating the need for manual adjustments to the functions.php file.
Bypassing Login Restrictions for Certain Users
To start, install and activate the free version of WPCode, then go to Code Snippets » + Add Snippet in your WordPress dashboard.
After that, move your cursor over the ‘Add Your Custom Code (New Snippet)’ option and click the ‘Use snippet’ button that appears.
A notification will appear at the lower part of the screen prompting you to choose the code type for your snippet.
You need to select the ‘PHP Snippet’ option.
This will direct you to the Create Custom Snippet page, allowing you to input the necessary code. Begin by entering a title for the snippet, for instance, ‘Bypass Login Restrictions for Certain Users’.
Next, copy the provided code snippet and insert it into the ‘Code Preview’ section:
Now take a look at the line that begins with $allowed_users = array
. Replace ‘1, 2, 3, 4, 5’ with the specific user IDs of those you want to allow bypassing the restriction. You can include as many user IDs as needed, ensuring they are separated by commas.
You can discover how to find a user ID by referring to our guide on how to locate various IDs in WordPress.
Lastly, make sure to set the snippet to ‘Active’ and then click the ‘Save Snippet’ button to save your changes.
Bypassing Login Restrictions for Certain Roles
To bypass login restrictions for specific roles, you can follow these steps. First, create a new code snippet named ‘Bypass Login Restrictions for Certain Roles’. Next, paste the relevant code snippet into the ‘Code Preview’ pane.
This particular snippet allows the ‘administrator’ and ‘editor’ roles to bypass the login restrictions. If you wish to include additional roles, like ‘author’, simply enclose them in single quotation marks and separate them with commas.
When you’re finished, remember to toggle the snippet to ‘Active’ and press the ‘Save Snippet’ button to apply your changes.
We hope this tutorial has assisted you in learning how to limit user login to a single device in WordPress. You might also be interested in our ultimate guide on establishing a WordPress membership site or our curated selection of the best WordPress LMS plugins.
If you found this article helpful, please consider subscribing to our YouTube Channel for WordPress video tutorials. You can also connect with us on Twitter and join our community on Facebook.
Syed Balkhi
Hello WPBeginner readers,
Did you know that you could win exciting prizes by commenting on WPBeginner?
Each month, our top commenters will receive amazing rewards, including premium WordPress plugin licenses and cash prizes.
You can find more details about the contest here.
Start sharing your thoughts below to have a chance to win!
Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.