Prevent users from sharing login credentials in WordPress

Login One User Instance Code Snippet (cropped)

As any Information Governance expert will tell you, sharing usernames and passwords is bad! Fortunately we can boost your WordPress security with this tip.

Although nothing is as good as educating your users as to why they shouldn’t be sharing their usernames and passwords, in WordPress we can certainly make it difficult for them to do so.

Simply add this snippet to your functions.php file:

This snippet only allows one instance of a user credentials to be logged into to the site at once. So if your users are sharing their details, only one will be allowed in the system at a time (and the other people logging in with the same credentials will get kicked out).

Not only will this boost your sites security, but it should encourage your users to login with their own details (after a few times of being kicked out).


Matt Watson

Technical Lead at Make Do
Matt Watson is the co-founder and technical lead of WordPress agency Make Do. Matt loves writing and learning about code, and considers himself lucky to be doing what he loves for a living. Find out more about Matt, or get in touch to hire Matt for your project.

2 thoughts on “Prevent users from sharing login credentials in WordPress

  1. alberttrotter

    i am facing issues at line
    $sessions = WP_Session_Tokens::get_instance( get_current_user_id() );
    can anyone help????

Leave a Reply