Based on your comment
The sense of this requirement is to avoid users from registering in the application, paying for the membership and than giving the credentials of account to other people.
Either you go expensive and highly secure like RSA hardware authenticators
-or-
You change your business model and make it unattractive to share credentials. e.g. due to cost - I don't share my apple or amazon creds because I don't feel like paying for their purchases. Another is having a user community. Nobody shares their flickr account because those photos are artistically theirs, and they don't want anyone mucking with their stuff for the sake of a few dollars. Sharing is dissuaded because it's a community, not just a repository.
But none of these things prevent users from sharing, but I'm sure it happens a lot less.
You otherwise restrict yourself to mechanisms that (attempt) to passively monitor abuse. Too many concurrent downloads, too many concurrent accesses, etc. If your user violate the t's and c's of your agreement then you suspend their account. But you would have to have very obvious offenders, because it's very easy to get this wrong. It's a model to be avoided if you can because you're always going to play catchup and there's always going to be someone who rips you off.
Nobody will sign up to a website if they need to buy an RSA device to access it. It's not a viable consumer solution.
(Original answer)
I think what you want to look at is using Client Certificate Authentication. Essentially your user installs a personal client certificate on their machine so that when they connect to your server, your server can verify that computer.
I'm not going to tell you it's easy, because it doesn't look like it. You may need to set up your own certificate server and quickly googling it, none of it is pretty.
Maybe, OS depending, there's a feature in there that you can create a certificate that is machine-specific, or one that can't be exported.
This sort of thing is usually for secure connections between between servers, and not typically for what you want on the client side. This is going to be a helpdesk nightmare.
wiki Transport Layer Security or windowssecurity.com Using Client Certificate Authentication with IIS 6.0 Web Sites or msdn Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
You could also go the route of using RSA hardware authenticators