I think the problem is that a large number of the people who run porn sites are neither technically sophisticated nor well funded.
That profile's not exactly accurate. Some of the folks running porn sites are very sophisticated.
Yes but I don't think those are the ones complaining. I noted that one of the porn sites has a implemented a very sophisticated version of the "referer" payment scheme I once proposed.
More to the point, I don't know of *any* site that does the sort of protection proposed above. I don't think it's an easy thing to do. An enterprising person could probably turn quite a few bucks selling that sort of system.
I'm sure a lot of folks are coding away as we speak. It would be a snap to do it for a threaded server like IIS. On Netscape the interpocess communications load would almost certainly burn you.
But do the porn sites want it? The stolen passwords might partly serve as free advertisement. The situation might be similar to (some kinds of) pirated software. The stolen version acts as a teaser but (hopefully) the consumer will eventually pay himself in order to have more convenient access.
This could well be the nub of the matter. It could well be the case that a lot of the passwords are sent out by the companies themselves. I note that there is a usenet group alt.sex.passwords... Phill