{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 呛了眼睛熬了心 的问题《User recognition without cookies or local storage》','https://www.manongdao.com/q-18077.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm building an analytic tool and I can currently get the user's IP address, browser and operating system from their user agent.
I'm wondering if there is a possibility to detect the same user without using cookies or local storage? I'm not expecting code examples here; just a simple hint of where to look further.
Forgot to mention that it would need to be cross-browser compatible if it's the same computer/device. Basically I'm after device recognition not really the user.
this will require the user to willingly install the identifier.
once the plugin is installed, the fingerprint of any (plugin enabled) browser will contain this specific plugin. To return the info to a server, a algorithm to effectively detect the plugin on client-side is needed, otherwise IE and Firefox >= 28 users will need a table of possible valid identifies.
This requires a relatively high investment into a technology that will likely be shut down by the browser-vendors. When you are able to convince your users to install a plugin, there may also be options like install a local proxy, use vpn or patch the network drivers.
Users that do not want to be identified (or their machines) will always find a way to prevent it.
I can't believe, http://browserspy.dk still has not been mentioned here! The site describes many features (in terms of pattern recognition), which could be used to build a classifier.
And of cause, for evaluating the features I'd suggest Support Vector Machines and libsvm in particular.
This technique (to detect same users without cookies - or even without ip address) is called browser fingerprinting. Basically you crawl as information about the browser as you can - better results can be achieved with javascript, flash or java (f.ex. installed extensions, fonts, etc.). After that, you can store the results hashed, if you want.
It's not infallible, but:
More info:
Have you looked into Evercookie? It may or may not work across browsers. An extract from their site.
"If a user gets cookied on one browser and switches to another browser, as long as they still have the Local Shared Object cookie, the cookie will reproduce in both browsers."
Based on what you have said :
Best way to do it is to send the mac address which is the NIC ID.
You can take a look at this post : How can I get the MAC and the IP address of a connected client in PHP?
JavaScript Mac Finder
Track them during a session or across sessions?
If your site is HTTPS Everywhere you could use the TLS Session ID to track the user's session