What, if any, is the best way to prevent people from giving out their member-info to a lot of people so they can access the members-area? this could cost me a lot of money, so I need something

one of the easiest way would be to filter the ip addresses coming into that site. say www.general.net is the main site, and its on 12.23.34.45 and you want everyone to be able to access it then keep it open/minimul filtering. then put www.members.general.net on 12.23.34.46 and filter every ip address coming into there. make your clients/member supply you with ip addresses that they have/use, add them to the allow list and its reasonably filtered. only thing now it the annoyance of most ISP's dynamic ip addresses. not fool proof but its a method i use.

You could filter IPs as mentioned above, or you could tie the password to some personal information of the actual member.

People are more reluctant to share accounts and passwords when you can find a way to tie it to their name, phone number, address or billing information.

Make it so that they can only be logged in once. So if they give out their info, and one of their buddies is logged in, they're locked out.

jstanten, that is exactly what I was thinking. I am planning on having their name, address, phone number on the welcome screen along with a link to continue (renew) or cancel account. Even though those last two would require to know the person's credit card, a lot of people may not realize that and it might make them a lot more reluctant

There are a number of ways to do this. One way is to use the session management techniques available in PHP or whatever you use.