How to identify unique user?

2019-02-06 18:23发布

问题:

Question

How can you determine if a user is unique or not?

I understand there are many ways to do this using cookies, but what about methods that don't use cookies?

For example, go to Urban Dictionary and click one of the up/down vote buttons. Even if you delete your cookies and come back to the page, you will not be allowed to cast a vote on the same definition.

How do they do this?

Purpose

Eventually, I'd like to use this unique user detection method on a site where users create accounts. New signups are given a type of "reward" and I want to prevent people from creating multiple accounts in order to exploit the reward system.

Ultimately, I don't really care what techniques are used to achieve this. I understand that no method will be 100% reliable. Even preventing this for 70-90% of users with an average computer skill level would satisfy me.

回答1:

I'm guessing that Urban Dictionary (and other voting sites, such as a variety of image boards) use IP addresses to track visitors. Not 100% fool-proof, but probably pretty good for most of the time.

Note that with many of these sites, you can vote again, usually once per 24 hours (or however long they log IP addresses for).

Some things that will break this scheme: People who know how to spoof IP addersses, NAT routers, proxies (possibly). Another thing: many home ISPs these days use dynamic IP addresses, so the IP address you have right now might be different in a few hours. If you want to force a new IP address, it's usually enough to unplug your high-speed modem for a few minutes then plug it back in. Some routers also have a feature to demand a new IP from the ISP.



回答2:

Urban Dictionary is probably only allowing one vote per IP. Or they could be taking a browser fingerprint https://panopticlick.eff.org/.

For tracking whether a user has been to your site before, cookies are a probably your best bet



回答3:

Besides IP address and "normal" cookies, FLASH cookies may be used. FF has an add-on called "BetterPrivacy" that delete those cookies when you exit the browser. But they're less known.



回答4:

Some use cookies, some force a login/email address, and some track IP address.



回答5:

As FrustratedWithFormsDesigner alludes to above, if you're not going to use cookies then you've got to use IP addresses. You can combine this with the user-agent, but even that is not infallible.



回答6:

IP address is commonly used but fallible, as others have said. Note that AOL (and perhaps other ISP's) use shared proxy servers for content-type requests and caching, so that a single user's requests for images may show up to your server as coming from several different IP addresses. Conversely, all AOL users' requests for images will therefore comme from these same IP numbers.