Account sharing
Account sharing is when one account is used by more than one person: a login passed around a household, a team seat split between coworkers, a subscription resold to strangers. The credentials are correct every time, so nothing looks wrong at the auth layer. The tell is the pattern of use over time: more devices and more locations than one person racks up, plus activity in two places at once.
This is the risk Rupt v2 was built around, and it's scored on the access action. It also stays in play on login so you can act at sign-in rather than waiting for the next page view.
What Rupt looks for
- Device count: how many distinct computers, tablets, and phones have touched the account. Counts are tracked per device type, since five phones on one account reads very differently from five shared computers.
- Concurrent sessions: the account is active from two places at the same time, which a single person cannot be.
- Impossible travel: back-to-back activity from locations too far apart to bridge in the time elapsed.
- Velocity: an unusual rate of activity for a single user.
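As an added illustration (not Rupt's code or scoring logic), the sketch below computes three of these signals over a constructed event list for one account: per-type device counts, impossible travel, and a simple concurrency check. The thresholds, the event tuple layout, and the function names are assumptions made for the example.

```python
from collections import defaultdict
from math import asin, cos, radians, sin, sqrt

# Assumed thresholds for illustration; not Rupt's values.
MAX_SPEED_KMH = 900.0       # roughly airliner cruise speed
MIN_DISTANCE_KM = 50.0      # ignore geolocation jitter within one metro area
CONCURRENCY_WINDOW_S = 300  # different devices active within 5 minutes

# Constructed events for one account: (epoch_s, device_id, device_type, lat, lon)
EVENTS = [
    (0,    "d1", "computer", 40.71, -74.01),  # New York
    (600,  "d2", "phone",    40.73, -73.99),  # New York, 10 minutes later
    (4200, "d3", "phone",    51.51, -0.13),   # London, 1 hour after d2
    (4260, "d1", "computer", 40.71, -74.01),  # New York, 1 minute after d3
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlmb = p2 - p1, radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def device_counts(events):
    """Distinct devices seen on the account, counted per device type."""
    seen = defaultdict(set)
    for _, dev, dtype, _, _ in events:
        seen[dtype].add(dev)
    return {dtype: len(devs) for dtype, devs in seen.items()}

def analyze(events):
    """Return (impossible_travel, concurrent) lists of (device_a, device_b) pairs."""
    travel, concurrent = [], []
    ordered = sorted(events)  # tuples sort by timestamp first
    for a, b in zip(ordered, ordered[1:]):
        dt = b[0] - a[0]
        dist = haversine_km(a[3], a[4], b[3], b[4])
        # Zero elapsed time across a real distance counts as impossible too.
        if dist > MIN_DISTANCE_KM and (dt == 0 or dist / (dt / 3600) > MAX_SPEED_KMH):
            travel.append((a[1], b[1]))
        # Simplification: "concurrent" means two different devices back to back.
        if a[1] != b[1] and dt <= CONCURRENCY_WINDOW_S:
            concurrent.append((a[1], b[1]))
    return travel, concurrent

if __name__ == "__main__":
    print(device_counts(EVENTS))
    print(analyze(EVENTS))
```

The minimum-distance floor keeps two nearby devices in the same city (d1 and d2 here) from being flagged when geolocation is imprecise.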
Severity and response
The checks aggregate into an account_sharing risk severity. Sharing is rarely something you want to hard-block, since the account holder is often involved, so most teams challenge to re-verify the owner, or add them to a list for follow-up and treat repeat offenders as an upsell to a larger plan. Your policies decide which.