Every dev team we know shares LLM accounts. Nobody talks about it because the official line is "one person, one account." But when Claude Max costs $200/month and your team has 15 engineers, the math doesn't work. So everyone shares — and then everyone gets burned by the same surprise ban wave.
We got burned too. Multiple times. Here's what we learned and what we built instead.
Our first instinct was the same as everyone else's: hide better. Residential proxies. Device fingerprint spoofing. Timezone alignment. Make 15 people look like one person in Palo Alto.
It works. For a while. Then the vendor updates their detection model, and your entire pool goes dark on the same Tuesday afternoon. The problem isn't that you're bad at hiding. The problem is that hiding is an arms race you cannot win, because the other side writes the rules.
The shift came when we stopped asking "how do we look like one person" and started asking "how do airlines manage to share airspace with thousands of planes without collisions?" They don't try to hide the planes. They schedule them.
Most people think account status is "working" or "banned." It's not. It's a continuous gradient. We rate every account 0-100 in real time, pulling from a dozen signals: usage velocity, remaining quota, throttle events, concurrent users, anomaly flags from recent responses.
A 100-point account gets new traffic. A 35-point account only serves existing sessions — no new conversations. Below 10: auto-retire, no requests routed at all. Every state change logs why it happened. Health → Watch → At-risk → Retired. The audit trail is the only thing standing between you and "nobody knows why we got banned."
Default approach: distribute all users evenly across 12 accounts. Looks balanced. But when a vendor drops a new detection model that flags similar usage patterns, all 12 get hit simultaneously.
We group accounts into pools of 4. Each user's requests only circulate within their assigned group. One account goes down → one group affected, not the entire team. Same principle as aircraft redundancy partitioning: single-point failures must be physically contained.
Uniform distribution sounds fair. But the vendor's cache pricing says otherwise: same conversation context hitting the same model gets cache-hit discounts. Jumping accounts means paying full token price every time. So we default to sticky sessions — one conversation, one account — unless the account triggers a risk signal or runs out of quota. It's not about fairness. It's about not burning money.
The intuitive move is squeezing every last token. The counter-intuitive reality: hitting 100% quota triggers hard blocks, and vendor risk systems log those blocks as negative signals. Enough blocks, and a perfectly legitimate account gets flagged.
We cut over at 95-99%. That last 1-5% isn't waste. It's the cost of a clean vendor record.
The most dangerous moment in any scheduling system: multiple accounts fail in rapid succession. Normal auto-switching logic jumps to the next available account — which also fails — then the next — then the next. In seconds, the entire pool cycles through and every single account gets flagged.
We call this a storm. When consecutive failures cross a threshold, the system freezes all auto-switching and routes pending requests to manual review. The brake doesn't prevent the outage. It prevents the pool from being permanently destroyed.
"How many people can share one AI account?" is the wrong question. The right question is: can you see where every account sits on the health curve right now, and do you have the guts to pull it before it gets flagged?
Pooling money for shared accounts is the easy part. What keeps you sleeping at night is the scheduling engine nobody sees: scoring, grouping, sticking, buffering, braking, logging. Every layer answers the same question: which account is the safest place to route this next request?
We're building this into AiKey. If you're managing LLM access across a team and tired of playing whack-a-mole with bans: https://aikeylabs.com/zh/i/ih20
Enterprise inquiries: [email protected]
How's your team handling this? Drop your approach below — genuinely curious what's working for people.