The Netflix password sharing crackdown has begun. And while the announcement left some streaming fans nervous about how the limit on password and account sharing will impact their entertainment experience, reducing account sharing can potentially bring a nice chunk of change for Netflix — upwards of $1.6 Billion per year by charging password-sharing users extra fees.
But password sharing isn’t the only problem. You see, Netflix has a leaky bucket problem. 200,000 users left the platform in the first 3 months of 2022 — making it the first subscriber decline in more than a decade.
In this article, we’ll explore 3 main topics:
- Why password sharing is a threat to Netflix; how they plan to fight it
- Why password sharing threatens everyday businesses beyond Netflix — both in terms of lost revenue and security risk
- How to reduce password sharing and account sharing
Let’s dive in.
TABLE OF CONTENTS
- What is password sharing?
- Why is Netflix losing so many subscribers?
- How will Netflix prevent password and account sharing?
- How much money does Netflix lose from password sharing?
- How can businesses prevent password sharing and account sharing?
What is password sharing?
Password sharing or “account sharing” occurs when multiple people use the same password to share one account instead of paying for additional account access. This is a popular practice, particularly across SaaS companies — and leads to lost revenue and security risk.
Why is password sharing a problem?
Password sharing and account sharing is not exclusive to Netflix. Companies that charge per account, per seat, or per license, are all too familiar with the threat of password sharing and its devastating impact on the business through lost revenue and the security vulnerabilities it creates. That’s why the Netflix password sharing crackdown is now in full swing.
Password sharing = Lost revenue
If you’re a business owner, would you like to make 5 sales or 25 sales? When multiple users share one account, it costs businesses money. In Netflix’s case, when accounts are shared by multiple users, Netflix pays for all that extra bandwidth, maintenance, technology investments, support staff — but actually earn nothing off of those additional users.
You can make an argument that Netflix is a large company and can absorb the cost, but for everyday business owners that operate a Software-as-a-Service (SaaS), that lost revenue can be existential.
Analysis by research firm Parks Associates estimates that password sharing and piracy cost companies in the streaming space around $9 billion in 2019. While Netflix CEO Reed Hasting has previously brushed off password sharing as a “marketing expense” and the cost of doing business, it seems time has come to pay the piper.
Password sharing = Security risk
When people share accounts, that means multiple people now have access to personal credentials like a password and email address. To make it worse, people generally reuse their passwords across several accounts instead of creating unique ones for every account — so it’s likely the account holder is foolishly exposing their other accounts that use those same credentials.
“It’s no secret that password-sharing is a way for consumers to get around the cost of paying for multiple services,” said Hari Ravichandran, founder & CEO of Aura. “What consumers aren’t considering is that these behaviors make them vulnerable to digital crime when people outside your household – even ones you trust – have your passwords on their devices.”
According to a study of 2,050 adults ages 18+ conducted by The Harris Poll, Americans engage in risky password behavior — jeopardizing their own security along with that of the business:
Bottom line, sharing passwords is convenient, and saves you money. But if you use the same password across multiple accounts, you could jeopardize all of them if the wrong person gets their hands on your login. It’s an irresponsible risk. If one account is compromised, malicious attackers are very good at trying the same password against multiple services through a popular cyber bot attack called Credential Stuffing.
Why is Netflix losing so many subscribers? And how the Netflix password sharing crackdown can help.
Netflix is losing subscribers for the first time in over a decade. The streaming giant blames competition from other streaming platforms, and users who share other people’s passwords. But it’s worth highlighting, there are multiple things at play here: Competition, Stagnant Content, and Password/Account Sharing. But only Competition and Content are leading to the loss of subscribers.
Competition and Stagnant Content
From Disney+, Apple TV+, Hulu, Prime, Paramount and a handful of other leaders in the streaming war, it feels like there’s a new streaming service popping up each week. And all of them are competing for the same eyeballs. That puts a lot of pressure on producing quality content, and unfortunately for Netflix it seems that, lately, their content just hasn’t been resonating well enough with users compared to how much it cost to produce or license those titles. The Netflix password sharing crackdown might help, but it certainly won’t fix the larger issues at play.
Account sharing is untapped revenue
Netflix estimates more than 100 million households worldwide watch the service for free using shared passwords. But that’s not simply untapped revenue; it’s also a real cost when you consider the bandwidth being wasted on users who are mooching off of someone else’s account. By cracking down on password sharing between people outside of the main household, Netflix is hoping to get back some of that lost revenue that they’re currently not earning at all.
Is Netflix cracking down on password sharing?
Netflix wants users who share passwords with people outside their households — in violation of its terms of use — to pay a small fee to keep streaming. They’re currently conducting a test in three Latin American countries (Chile, Costa Rica, Peru) to see if customers are willing to pay $2-3/month for users who share passwords with people outside their households. Instead of completely blocking those users for violating Netflix’s Terms & Conditions, they’re hoping the small monthly rate will entice them to pay to stay on the platform.
How much is the Netflix password sharing fee?
Netflix is currently testing $2-3/month for users who use a shared password to access the streaming account from outside the main address that’s listed on the account. If the test is successful, it’s rumored that this “sub account” option will be rolled out in the U.S. also.
On their website, Netflix said “[…] for the last year we’ve been working on ways to enable members who share outside their household to do so easily and securely, while also paying a bit more. And over the next few weeks, we’ll launch and test two new features for our members in Chile, Costa Rica, and Peru.”
Is password sharing bannable?
Netflix said it won’t ban password sharing outright, but those who do it will have to pay a small amount to maintain account access outside the household. It’s essentially Netflix charging a fee for password sharing.
Is Netflix password sharing illegal?
Technically, yes. In reality, it’s a little more complicated. The Computer Fraud and Abuse Act (CFAA) makes it a federal crime to share passwords — but it’s highly unlikely that the FBI will raid your home because you are still on your ex’s account despite breaking up several months ago. It’s worth noting, the feds have never prosecuted anyone for sharing a streaming service platform password, and courts have never explicitly addressed the issue of whether doing so violates the CFAA.
But, sharing your Netflix password is clearly against Netflix’s Terms of Use so it is a violation of a regulation and users can be blocked from the platform for failing to follow the agreement.
It’s funny to think that only 5 years ago, Netflix was actually encouraging password sharing — in what is now a resurfaced viral tweet.
How will the Netflix password sharing crackdown prevent password and account sharing?
With users increasingly leaving Netflix for the competition, Netflix is focusing on cracking down on password sharing as a way to slow down the bleeding and generate some of that lost revenue from previously untapped account sharers. But, if Netflix is too aggressive in curbing account sharing, they risk alienating a large chunk of its 200+ million paid subscribers.
But a crackdown on password sharing is indeed coming. Netflix has already tested ways to curb password sharing in some Latin American markets, such as charging small fees for password-sharing accounts who stream Netflix outside of the main household address. Let’s explore some of the methods they’re using to detect and prevent password sharing.
Two-factor authentication (2FA)
A new feature, first spotted by GammaWire, prevents people who are not authorized to use the account from accessing it. A Netflix spokesperson told The Verge, “This test is designed to help ensure that people using Netflix accounts are authorized to do so.”
Why is this a good thing? By forcing a second factor of authentication, it adds a little friction for the legitimate user to overcome. But, with this move they’re sweeping for unauthorized users (fraudsters + ex boyfriends/girlfriends) who are accessing the account without permission.
If Netflix detects that someone is trying to use the account without being an account owner, they’ll be asked to verify being an account owner through a one-time email code or text code. If that person is unable to verify account ownership within a certain timeframe, they won’t be able to stream any Netflix content. Instead, they’ll be asked to make their own account. While this may not prevent all password sharing — hypothetically, an account owner could send their friend the code as it comes through — the idea is that it will prevent some password sharing. In other words, if you’re still using your ex’s account from your breakup 6 months ago, good luck with that text asking for them to forward you the code.
How much money does Netflix lose from password sharing?
Some analysts say Netflix could reap an extra $1.6 Billion per year by charging password-sharing users extra fees. In a letter sent to shareholders, Netflix said there are more than 100 million households that use Netflix but do not pay for it. Netflix admitted it has allowed users to share their passwords because it got more people hooked on its platform. But competitors like Disney+, Apple TV+, Hulu, Prime Video and others have made it harder for the company to increase its membership base.
How can businesses prevent password sharing and account sharing?
Netflix isn’t the only business suffering from lost revenue due to account and password sharing. Many SaaS companies that charge per account, per seat, or per license, are all too familiar with the abuse of account sharing and its devastating impact on the business through lost revenue and security threats. So how can businesses prevent password sharing and account sharing?
It depends why you’re cracking down on account sharing. Netflix is hoping to use 2FA or two-factor authentication to accomplish two goals:
- Nudge legitimate users to sign up for their own “sub” account by adding a little friction to the experience. Imagine having to text the account holder each time you wanted to watch Netflix at 1am? This built-in friction in the authentication experience encourages account sharers to sign up for their own account due the inconvenience. 2FA is a popular solution for this and is offered by cybersecurity providers like TypingDNA Verify2FA.
- Block unauthorized users who are either mooching off of their ex’s account with whom they broke up with 6 months ago. Or, more importantly, to lock out fraudulent users who obtained a user’s credentials through malicious ways (e.g. purchased them on the dark web).
Prevent account sharing with typing biometric two-factor authentication
When you need two-factor authentication for your business that’s truly meant to prevent account sharing, check out Verify 2FA from TypingDNA. With Verify 2FA, even if your users share their username and password, they won’t be able to share their typing pattern, or “how they type” those credentials when signing into online accounts. And just like that with a 10 minute integration, you’ve eliminated account sharing and blocked unauthorized users.
Want to see how typing biometric authentication can work for your business? Learn more
