Netflix's battle against account sharing highlights key struggle for subscription services

by Nick Moran, on Wed 17 March 2021

Netflix has had enough of your friend mooching off of your account. The streaming company is cutting down on account sharing by taking new steps to limit users outside of the account owner’s home from using the same account.

The new feature requires a form of two-factor authentication for potentially unauthorized users, making it more of a hassle to share your account. For those trying to log in to their friend’s account, they will be asked to get a verification email or text.

This effort aims to combat account sharing, with nearly one-third of users sharing their account with one or two people and just over one-fourth sharing it with three to four people. Of those users, 37% share it with friends, family or strangers they do not live with, according to a study by The Manifest. That last bucket specifically represents a massive slice of lost revenue.

The steps that Netflix is taking may kickstart a trend for other companies that use online subscription services that can be exploited by credential sharing. Not only do other large-scale streaming companies like Hulu and Disney+ suffer from this exploit, but any service from music streaming to digital news outlets to VPNs that uses a subscription model can be gamed this way, regardless of the business’ size.

Netflix seems to be using two-factor authentication as a deterrent to credential sharing, but the strategy isn’t bulletproof. With a Netflix login requiring an email and a password to login, users with the same combination associated with their email accounts leave the door open for unauthorized users to waltz in and verify themselves.

On the business front, even with permission from the main user to share their account, their very ability to willingly pass along their login credentials leads to a loss of revenue, which businesses are desperately trying to prevent. Their current efforts feel more like a low hurdle than a permanent solution to users siphoning potential revenue.

The issue lies in login credentials, which are sharable no matter how many hoops you ask customers to jump through. As long as usernames and passwords are in use, this subscription siphoning problem associated with credential sharing still exists.

The solution is right in front of us. If companies ditch usernames and passwords, there’s nothing to share and accounts only belong to paying customers.

There are a range of options that don’t require typical credentials to log in. Using a personalized key to log in, for example, such as a user’s smartphone paired with a QR code, it becomes much more difficult for multiple people to share one account.

There are a wide range of products on the market, with WWPass login being a strong, practical solution. Whatever businesses pick, the first step to protecting revenue isn’t making traditional logins more complicated for users, but opting for simplicity that doesn’t involve account sharing.