Stop multiple users using one account

Hi guys, sorry if this has already been covered, but is there a way to stop multiple users using one account? My app is very niche and everyone knows everyone in my industry you see, and as my app will be subscription based, that could cause an issue. Thanks in advance!

Each user would have to log in with their email/password… so unless they are all giving out their passwords to each other it shouldn’t be an issue?

You could create a 2FA function within your app and force it for login. That way they would not only have to share their password but also provide a code to the person each time they want to login on the shared account.

Unfortunately thats exactly what they’ll do Tony

Thanks Colin, can you please advise on using a 2FA ? This could be an excellent solution. I’ve had a quick look but can’t find any tutorials, though Im sure im looking in the wrong places…!

I do not think we have any specific tutorials about this. I will add it on my to do list.

There are quite some steps involved in getting this working. I will scratch out some time in my agenda this week to make a cloneable for this.

4 Likes

Top banana, thank you. If you could tag me in it when it’s done I’d be very grateful

Hi @Colin , have you had a chance to look into this yet? Sorry to pest you

I haven’t yet had the time to get to this I’m afraid. It is still there on my to-do list and hopefully can get to it in the coming weeks.

1 Like

Possibly a good topic for a new YouTube tutorial @Victor ?

1 Like

@Michael that’s an interesting topic :slight_smile: though I need to explore it more first. Twilio’s Authy provides an API for 2FA, as well as many others. The main problem here is to study these APIs :slight_smile:

As for question of @JLCSerious: one of the possible ways to restrict users from logging in might be to introduce “Is Logged In” boolean property in the Users collection. This may help to prevent simultaneous login of 2 users. However, this might be tricky to set up, especially working with corner cases. May be I’ll add that to general users&security video which I plan to make sometimes :).

With 2FS there are more protective measures: you can implement PhotoID check, biometrics, etc… (see here, for example: https://authenticating.com/). But my personal opinion - if users really want to share 1 login, they will find the way :slight_smile:

Thank you all.

@Victor , is there a way to have a login link sent to a unique email address before opening? For example, I use Monzo banking app. When you sign in, you have to go to your email account and click a link which takes you back to the app. Just an idea…

Hi @JLCSerious,

Well, I’m not sure about the login link.
Theoretically you could generate a code upon login, send it via email, and then ask for that code in the app. This is all doable in Adalo. Probably this is the easiest way to implement 2FA, as @Colin suggested.

In my previous answer I think I’ve overcomplicated 2FA a bit :slight_smile: :slight_smile:

Best,
Victor

Hi @Victor , that’d be great…any pointers?

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.