As others above mentioned MAC addresses can be spoofed to whatever you want with minimal effort. It would be as futile as monitoring IP addresses. That being said, does the average user know/care to do that? Probably not, unless they were tryign to scam the system.
You could probably try to flag the account if the subnet the IP address was on changed drastically, or if the user logged in simultaneously from different subnets. I don't think you'll find an airtight solution no matter how you spin it. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312176 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4