No matter the time frame, it can be abused. Currently you have a 180 day time frame, which is required on the address, but anyone that wants to get into your club, would realistically be able to forge this within that 180 day time period, or slightly over. If you are looking to reduce multiple users, this probably isn't going to do it effectively. Signing addresses, and having frequently used addresses isn't something that's going to help, unless you consider increasing the timeframe, to something of years, rather than days. Even then, most multiple accounts will likely be using different addresses for each account to avoid detection, if that's what they are looking to do.
Not even that, users will likely have multiple addresses over the years which they haven't tied to anything, and might start using these addresses for this purpose.
Honestly, I think you could probably put as much measures in as possible to reduce it, but it will only ever be harmful to the adoption of your club, whatever it may be. Restrictive requirements, will just annoy those that are legitimate, while only affecting a small minority of those that want to use multiple accounts in your club.
One of my strategies for combating multiple accounts will be verifying active bitcoin addresses - not throw away addresses.
Ideally, all Bitcoin addresses would be throw away addresses.
Have at least one transaction within the last 90 days, and one transaction older than 90 days.
Address reuse reduces privacy. Add the fact that I have several addresses that would qualify, and it won't accomplish what you're looking for.
Ideally, from my point that would be the case, but not everyone
cares about privacy. I also think its quite rare for users to abide by this even if they do
care about privacy.