---
title: Thinkific account sharing prevention
description: Thinkific has no native account sharing protection. Add Rupt with one script tag to detect and stop account and password sharing on your courses.
navigation:
  title: Thinkific
---

# Thinkific account sharing prevention with Rupt

Thinkific has no built-in account sharing or password sharing protection. Rupt adds it with a single script tag: paste it into Thinkific's site footer code, add a policy in the Rupt dashboard, and Rupt detects concurrent sessions, challenges the extra viewer, and logs unauthorized devices out. No server code required.

This guide assumes you've already chosen Rupt and want to wire it into Thinkific. For the background on why account sharing happens and how detection works, see [Account sharing prevention](/docs/v3/guides/account-sharing-prevention).

## Step 1: Add the Rupt script to Thinkific

The script loads on every page, reads the signed-in Thinkific user on its own, and triggers a challenge when one of your policies fires.

In Thinkific, go to **Settings → Code & analytics → Site footer code**, paste this in, and save:

```html
<script
  src="https://cdn.rupt.dev/integrations/thinkific/1.0.1/thinkific.js"
  data-client-id="xxxx-xxxx-xxxx-xxxx"
  async
></script>
```

Swap `xxxx-xxxx-xxxx-xxxx` for your client ID from the [Rupt dashboard](https://app.rupt.dev). There's nothing else to wire up.

Rupt's [Access protection](/docs/v3/fundamentals/access-protection) handles detection, the challenge, owner verification, and device capping on the client. No extra code on your side.

## Step 2: Configure your account sharing policies

Policies are what actually catch sharing. Without at least one policy on the `access` trigger, the script runs but never challenges anyone.

A policy has a trigger (the event it runs on) and a verdict. In your [policies dashboard](https://app.rupt.dev/policies), add a policy on the `access` trigger that challenges when it sees concurrent sessions or too many devices. The [Account sharing prevention](/docs/v3/guides/account-sharing-prevention) guide has the exact policies to start from.

Set the challenge success URL to your signup or offer page so the extra viewer can start their own subscription.

If no sessions show up in your dashboard after a few logins, check that the script is in **Site footer code** and that the client ID matches the one in your Rupt dashboard.

## Frequently asked questions

**Does Thinkific prevent account sharing?**
Thinkific has no native account sharing or password sharing protection. You add it by installing Rupt, which detects concurrent sessions and challenges unauthorized viewers through a script in Thinkific's site footer code.

**How do I stop password sharing on Thinkific?**
Add the Rupt script under Settings → Code & analytics → Site footer code, then create an access policy in the Rupt dashboard that triggers on concurrent sessions. Rupt handles detection, the challenge, and device logout automatically.

**Does Rupt work with Thinkific's existing login?**
Yes. The Rupt script reads the signed-in Thinkific user from the page, so no changes to Thinkific's login or course player are needed. It loads with `async`, so it doesn't block your pages.

## Related

- [Account sharing prevention](/docs/v3/guides/account-sharing-prevention)
- [Access protection](/docs/v3/fundamentals/access-protection)
- [Challenge flow](/docs/v3/challenge-flow)