What is the best form of authorization for captive portal WiFi

I’ve been looking into captive portal WiFi implementations and on a few I’be been able to easily bypass their login with the following steps:

  1. 1) Open Wireshark and run a report getting the most used IPs in my network (except the router’s IP and mine)
  2. Chang my mac address to that IPs associated mac
  3. refreshing the NIC

My rational was that it seemed like most captive portal just redirect all your traffic to a login page, once you login it seems to whitelist your mac. So I just found the IPs that had the most traffic that were on my network and assumed they are probably already authorized to use the internet. Sometimes it takes a few tries to get the right mac, but this normally works. I’m wondering what other better authentication methods are out there that solve this problem.