I run a private fishing forum with vbulletin 4 and have recently found out that one of my users has given his username and password out to an unauthorized person. Being that this is a private forum, i want to know if there is a way that I can snare this culprit. I don't know who the user is that has handed out his password. One thought I had was to search the IP addresses of all users and see if there is a suspicious pattern, and then block all IP address with the exception of the IP address they used to sign up. Once I dove into seeing everyones IP addresses, I realized that this might be futile since many of us look at the forum from so many computers. The second thought I had was to reset everyone's password. But, I doubt that would do anything to help my cause.

I'm not terribly proficient at vbulletin, but I'm a quick learner. Is there anyway to manage this situation????

As you said, doing it by ip isn't perfect, but I don't know how else you'd do it. I remember a while back someone had an idea to allow 2 ip addresses per user, but you'd need a mod to do that and I'm not sure if it ever got past the idea stage. Anyway, even doing that, I'm sure there'd always be someone who needed another one for some legitimate reason.

Thanks KH99. Seems that I'm stuck with this situation. I'm hoping that I can somehow acquire the outside persons IP adress and then block it on vbulletin. Definitely not sure how to do that yet, but hopefully I can figure it out.

This is pretty frustrating.

Thanks for your input.

Different machine might also have a different user agent.