Jump to content

Detecting double accounts


Go to solution Solved by Zane,

Recommended Posts

Sorry, Leverkusen, but this is nonsense. And I think a web developer should understand the web well enough to realize this.

 

The “proxy detection” you have in mind doesn't work, locks out legitimate users and is simply nonsense. If your competition doesn't work on the Internet, then that's the problem. There's obviously an issue with the concept.

Unfortunately there isn't going to be any foolproof way to make sure they aren't.  You can put multiple checks in place to check along the way to "try" and negate them from achieving 2 accounts but in the end all you may do is keep legitimate users from actually using the site too.

 

You can use a combination of cookies, sessions and registration verification checks to start with.  The problem is that people can just fake the registration checks by simply signing up a different email and verifying the email when you send them the "verifictaion email".  They can just change or delete the cookies you set and use multiple browsers to negate the session issue.

 

So again, there is no foolproof way to do it.  Just put as many checks in place that make sense without keeping legitimate users out.

  • Solution
To automatically attempt to detect a double account creation would involve very complex algorithms that only a human being can utilize.

Pretty much, you'd need one person to an army of persons to check such variables (that noone can seem to identify).

The input you do get is pretty much useless, because the most you could do is compare a stored geolocation and/or an IP.

But that would only allow you to compare their stored IP, which would only keep the user form using a different IP.

The don't call it Dynamic Host Control Protocol for nothing, their IP will change at some point so you would have to capture the network address portion of the IP.

But what if the ISP changes their network address?

 

Now, you are at the mercy of how broad a client base this ISP has; the less the better.

Though still, this only limits you to that group of clients.

 

What is the population of that city?

What percent of the households of this population use the internet?

With a population 1,000, and an aforementioned percentage of 70, 

Compare this percentage with all users when they go to register an account

This could signal a flag to alert you.

Now you're at the mercy of making decisions, the human way.

 

If the comparison is true, you have to consider the likelihood of this user using a neighbor's computer with the same ISP and network address.

Though, seeing as IP's can be spoofed just contradicts that whole portion of security.

So what is the likelihood that you user base even knows how to spoof an IP?

What are their moral values?

Do you trust your user base?

That's what your "security" would involve.

 

The Honor System is the only chance you have.

Edited by Zane

I used to run a bbs (bulletin board service who don't know what that is) and even then people could get double accounts. I once had the notion of only having one phone per account (Back then verification was done by bbs software actually calling back the user's computer), but thought that a household could have more than one person for that phone (I know you are thinking boy was I stupid, but remember I was only 13-16 at the time). The only way I can think of not having people creating double accounts is having a membership fee, but having run a bbs for a long time I know from past experience people are cheap and want everything for free.  :happy-04:

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.